* [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible [not found] <cover.1671430636.git.yi1.li@intel.com> @ 2022-12-19 6:24 ` Li, Yi [not found] ` <17321DB57D822CE7.23615@groups.io> 1 sibling, 0 replies; 9+ messages in thread From: Li, Yi @ 2022-12-19 6:24 UTC (permalink / raw) To: devel; +Cc: Yi Li, Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4197 Using older Crypto protocol will be allowed. Each function wrapper will be annotated to require a minimum required version of the crypto protocol and assert if called when the version is not compatible. Ths minimum version difined as the version when the API was introduced. Details: ///Parallel hash: MinVersion 8 ParallelHash256HashAll, /// HMAC SHA256 (continued): MinVersion 9 HmacSha256All, /// HMAC SHA384: MinVersion 9 HmacSha384New, ... HmacSha384All, /// HKDF (continued): MinVersion 10 HkdfSha256Extract, ... HkdfSha384Expand, /// Aead Aes GCM: MinVersion 11 AeadAesGcmEncrypt, AeadAesGcmDecrypt, /// Big Numbers: MinVersion 12 BigNumInit, ... BigNumAddMod, /// EC: MinVersion 13 EcGroupInit, ... EcDhComputeKey, /// TLS (continued): MinVersion 14 TlsShutdown, ... TlsGetExportKey, /// Ec (Continued): MinVersion 15 EcGetPublicKeyFromX509, ... EcDsaVerify, /// X509 (Continued): MinVersion 16 X509GetVersion, ... X509GetExtendedBasicConstraints /// Others: MinVersion 7 Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> Cc: Guomin Jiang <guomin.jiang@intel.com> Signed-off-by: Yi Li <yi1.li@intel.com> --- .../BaseCryptLibOnProtocolPpi/CryptLib.c | 449 +++++++++--------- .../BaseCryptLibOnProtocolPpi/DxeCryptLib.c | 9 - .../BaseCryptLibOnProtocolPpi/PeiCryptLib.c | 8 - .../BaseCryptLibOnProtocolPpi/SmmCryptLib.c | 9 - 4 files changed, 227 insertions(+), 248 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c index 4e31bc278e..e470a0f0d4 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c @@ -24,18 +24,20 @@ @param Args The argument list to pass to Function. @param ErrorReturnValue The value to return if the protocol is NULL or the service in the protocol is NULL. - -**/ -#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue) \ - do { \ - EDKII_CRYPTO_PROTOCOL *CryptoServices; \ - \ - CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ - return (CryptoServices->Function) Args; \ - } \ - CryptoServiceNotAvailable (#Function); \ - return ErrorReturnValue; \ + @param MinVersion The minimum protocol version that supports the API. + +**/ +#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue, MinVersion) \ + do { \ + EDKII_CRYPTO_PROTOCOL *CryptoServices; \ + \ + CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ + CryptoServices->GetVersion () >= MinVersion) { \ + return (CryptoServices->Function) Args; \ + } \ + CryptoServiceNotAvailable (#Function); \ + return ErrorReturnValue; \ } while (FALSE); /** @@ -45,14 +47,16 @@ @param Function Name of the EDK II Crypto Protocol service to call. @param Args The argument list to pass to Function. + @param MinVersion The minimum protocol version that supports the API. **/ -#define CALL_VOID_CRYPTO_SERVICE(Function, Args) \ +#define CALL_VOID_CRYPTO_SERVICE(Function, Args, MinVersion) \ do { \ EDKII_CRYPTO_PROTOCOL *CryptoServices; \ \ CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ + CryptoServices->GetVersion () >= MinVersion) { \ (CryptoServices->Function) Args; \ return; \ } \ @@ -116,7 +120,7 @@ Md5GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0, 7); } /** @@ -139,7 +143,7 @@ Md5Init ( OUT VOID *Md5Context ) { - CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE); + CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE, 7); } /** @@ -164,7 +168,7 @@ Md5Duplicate ( OUT VOID *NewMd5Context ) { - CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), FALSE); + CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), FALSE, 7); } /** @@ -195,7 +199,7 @@ Md5Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), FALSE, 7); } /** @@ -227,7 +231,7 @@ Md5Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE, 7); } /** @@ -256,7 +260,7 @@ Md5HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE, 7); } #endif @@ -278,7 +282,7 @@ Sha1GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0, 7); } /** @@ -301,7 +305,7 @@ Sha1Init ( OUT VOID *Sha1Context ) { - CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE); + CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE, 7); } /** @@ -326,7 +330,7 @@ Sha1Duplicate ( OUT VOID *NewSha1Context ) { - CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), FALSE); + CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), FALSE, 7); } /** @@ -357,7 +361,7 @@ Sha1Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), FALSE, 7); } /** @@ -389,7 +393,7 @@ Sha1Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE, 7); } /** @@ -418,7 +422,7 @@ Sha1HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE, 7); } #endif @@ -435,7 +439,7 @@ Sha256GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0, 7); } /** @@ -456,7 +460,7 @@ Sha256Init ( OUT VOID *Sha256Context ) { - CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE); + CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE, 7); } /** @@ -481,7 +485,7 @@ Sha256Duplicate ( OUT VOID *NewSha256Context ) { - CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, NewSha256Context), FALSE); + CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, NewSha256Context), FALSE, 7); } /** @@ -510,7 +514,7 @@ Sha256Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), FALSE, 7); } /** @@ -540,7 +544,7 @@ Sha256Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), FALSE, 7); } /** @@ -569,7 +573,7 @@ Sha256HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), FALSE, 7); } /** @@ -584,7 +588,7 @@ Sha384GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0, 7); } /** @@ -605,7 +609,7 @@ Sha384Init ( OUT VOID *Sha384Context ) { - CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE); + CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE, 7); } /** @@ -630,7 +634,7 @@ Sha384Duplicate ( OUT VOID *NewSha384Context ) { - CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, NewSha384Context), FALSE); + CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, NewSha384Context), FALSE, 7); } /** @@ -659,7 +663,7 @@ Sha384Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), FALSE, 7); } /** @@ -689,7 +693,7 @@ Sha384Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), FALSE, 7); } /** @@ -718,7 +722,7 @@ Sha384HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), FALSE, 7); } /** @@ -733,7 +737,7 @@ Sha512GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0, 7); } /** @@ -754,7 +758,7 @@ Sha512Init ( OUT VOID *Sha512Context ) { - CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE); + CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE, 7); } /** @@ -779,7 +783,7 @@ Sha512Duplicate ( OUT VOID *NewSha512Context ) { - CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, NewSha512Context), FALSE); + CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, NewSha512Context), FALSE, 7); } /** @@ -808,7 +812,7 @@ Sha512Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), FALSE, 7); } /** @@ -838,7 +842,7 @@ Sha512Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), FALSE, 7); } /** @@ -867,7 +871,7 @@ Sha512HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), FALSE, 7); } /** @@ -899,7 +903,7 @@ ParallelHash256HashAll ( IN UINTN CustomByteLen ) { - CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE); + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE, 8); } /** @@ -914,7 +918,7 @@ Sm3GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0, 7); } /** @@ -935,7 +939,7 @@ Sm3Init ( OUT VOID *Sm3Context ) { - CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE); + CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE, 7); } /** @@ -960,7 +964,7 @@ Sm3Duplicate ( OUT VOID *NewSm3Context ) { - CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), FALSE); + CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), FALSE, 7); } /** @@ -989,7 +993,7 @@ Sm3Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), FALSE, 7); } /** @@ -1019,7 +1023,7 @@ Sm3Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE, 7); } /** @@ -1048,7 +1052,7 @@ Sm3HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE, 7); } // ===================================================================================== @@ -1068,7 +1072,7 @@ HmacSha256New ( VOID ) { - CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL); + CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL, 7); } /** @@ -1083,7 +1087,7 @@ HmacSha256Free ( IN VOID *HmacSha256Ctx ) { - CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx)); + CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx), 7); } /** @@ -1110,7 +1114,7 @@ HmacSha256SetKey ( IN UINTN KeySize ) { - CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, KeySize), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, KeySize), FALSE, 7); } /** @@ -1135,7 +1139,7 @@ HmacSha256Duplicate ( OUT VOID *NewHmacSha256Context ) { - CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, NewHmacSha256Context), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, NewHmacSha256Context), FALSE, 7); } /** @@ -1166,7 +1170,7 @@ HmacSha256Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, Data, DataSize), FALSE, 7); } /** @@ -1198,7 +1202,7 @@ HmacSha256Final ( OUT UINT8 *HmacValue ) { - CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), FALSE, 7); } /** @@ -1231,7 +1235,7 @@ HmacSha256All ( OUT UINT8 *HmacValue ) { - CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, HmacValue), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, HmacValue), FALSE, 9); } /** @@ -1247,7 +1251,7 @@ HmacSha384New ( VOID ) { - CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL, 9); } /** @@ -1262,7 +1266,7 @@ HmacSha384Free ( IN VOID *HmacSha384Ctx ) { - CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx), 9); } /** @@ -1289,7 +1293,7 @@ HmacSha384SetKey ( IN UINTN KeySize ) { - CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, KeySize), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, KeySize), FALSE, 9); } /** @@ -1314,7 +1318,7 @@ HmacSha384Duplicate ( OUT VOID *NewHmacSha384Context ) { - CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, NewHmacSha384Context), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, NewHmacSha384Context), FALSE, 9); } /** @@ -1345,7 +1349,7 @@ HmacSha384Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, DataSize), FALSE, 9); } /** @@ -1377,7 +1381,7 @@ HmacSha384Final ( OUT UINT8 *HmacValue ) { - CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, HmacValue), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, HmacValue), FALSE, 9); } /** @@ -1410,7 +1414,7 @@ HmacSha384All ( OUT UINT8 *HmacValue ) { - CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, HmacValue), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, HmacValue), FALSE, 9); } // ===================================================================================== @@ -1432,7 +1436,7 @@ AesGetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0); + CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0, 7); } /** @@ -1465,7 +1469,7 @@ AesInit ( IN UINTN KeyLength ) { - CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE); + CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE, 7); } /** @@ -1507,7 +1511,7 @@ AesCbcEncrypt ( OUT UINT8 *Output ) { - CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE); + CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE, 7); } /** @@ -1549,7 +1553,7 @@ AesCbcDecrypt ( OUT UINT8 *Output ) { - CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE); + CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE, 7); } // ===================================================================================== @@ -1597,7 +1601,7 @@ AeadAesGcmEncrypt ( OUT UINTN *DataOutSize ) { - CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, DataOutSize), FALSE); + CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, DataOutSize), FALSE, 11); } /** @@ -1642,7 +1646,7 @@ AeadAesGcmDecrypt ( OUT UINTN *DataOutSize ) { - CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), FALSE); + CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), FALSE, 11); } // ===================================================================================== @@ -1662,7 +1666,7 @@ RsaNew ( VOID ) { - CALL_CRYPTO_SERVICE (RsaNew, (), NULL); + CALL_CRYPTO_SERVICE (RsaNew, (), NULL, 7); } /** @@ -1679,7 +1683,7 @@ RsaFree ( IN VOID *RsaContext ) { - CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext)); + CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext), 7); } /** @@ -1713,7 +1717,7 @@ RsaSetKey ( IN UINTN BnSize ) { - CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, BnSize), FALSE); + CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, BnSize), FALSE, 7); } /** @@ -1753,7 +1757,7 @@ RsaGetKey ( IN OUT UINTN *BnSize ) { - CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, BnSize), FALSE); + CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, BnSize), FALSE, 7); } /** @@ -1788,7 +1792,7 @@ RsaGenerateKey ( IN UINTN PublicExponentSize ) { - CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, PublicExponent, PublicExponentSize), FALSE); + CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, PublicExponent, PublicExponentSize), FALSE, 7); } /** @@ -1818,7 +1822,7 @@ RsaCheckKey ( IN VOID *RsaContext ) { - CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE); + CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE, 7); } /** @@ -1858,7 +1862,7 @@ RsaPkcs1Sign ( IN OUT UINTN *SigSize ) { - CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, HashSize, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, HashSize, Signature, SigSize), FALSE, 7); } /** @@ -1890,7 +1894,7 @@ RsaPkcs1Verify ( IN UINTN SigSize ) { - CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, HashSize, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, HashSize, Signature, SigSize), FALSE, 7); } /** @@ -1923,7 +1927,7 @@ RsaPssVerify ( IN UINT16 SaltLen ) { - CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, Signature, SigSize, DigestLen, SaltLen), FALSE); + CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, Signature, SigSize, DigestLen, SaltLen), FALSE, 7); } /** @@ -1968,7 +1972,7 @@ RsaPssSign ( IN OUT UINTN *SigSize ) { - CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, DigestLen, SaltLen, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, DigestLen, SaltLen, Signature, SigSize), FALSE, 7); } /** @@ -1999,7 +2003,7 @@ RsaGetPrivateKeyFromPem ( OUT VOID **RsaContext ) { - CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, Password, RsaContext), FALSE); + CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, Password, RsaContext), FALSE, 7); } /** @@ -2028,7 +2032,7 @@ RsaGetPublicKeyFromX509 ( OUT VOID **RsaContext ) { - CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, RsaContext), FALSE); + CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, RsaContext), FALSE, 7); } /** @@ -2059,7 +2063,7 @@ X509GetSubjectName ( IN OUT UINTN *SubjectSize ) { - CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, CertSubject, SubjectSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, CertSubject, SubjectSize), FALSE, 7); } /** @@ -2097,7 +2101,7 @@ X509GetCommonName ( IN OUT UINTN *CommonNameSize ) { - CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, CommonName, CommonNameSize), RETURN_UNSUPPORTED); + CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, CommonName, CommonNameSize), RETURN_UNSUPPORTED, 7); } /** @@ -2135,7 +2139,7 @@ X509GetOrganizationName ( IN OUT UINTN *NameBufferSize ) { - CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, NameBuffer, NameBufferSize), RETURN_UNSUPPORTED); + CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, NameBuffer, NameBufferSize), RETURN_UNSUPPORTED, 7); } /** @@ -2165,7 +2169,7 @@ X509VerifyCert ( IN UINTN CACertSize ) { - CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, CACertSize), FALSE); + CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, CACertSize), FALSE, 7); } /** @@ -2192,7 +2196,7 @@ X509ConstructCertificate ( OUT UINT8 **SingleX509Cert ) { - CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, SingleX509Cert), FALSE); + CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, SingleX509Cert), FALSE, 7); } /** @@ -2256,7 +2260,7 @@ X509ConstructCertificateStackV ( IN VA_LIST Args ) { - CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, Args), FALSE); + CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, Args), FALSE, 7); } /** @@ -2273,7 +2277,7 @@ X509Free ( IN VOID *X509Cert ) { - CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert)); + CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert), 7); } /** @@ -2290,7 +2294,7 @@ X509StackFree ( IN VOID *X509Stack ) { - CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack)); + CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack), 7); } /** @@ -2319,7 +2323,7 @@ X509GetTBSCert ( OUT UINTN *TBSCertSize ) { - CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, TBSCertSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, TBSCertSize), FALSE, 7); } /** @@ -2346,7 +2350,7 @@ X509GetVersion ( OUT UINTN *Version ) { - CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE); + CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE, 16); } /** @@ -2381,7 +2385,7 @@ X509GetSerialNumber ( IN OUT UINTN *SerialNumberSize ) { - CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, SerialNumber, SerialNumberSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, SerialNumber, SerialNumberSize), FALSE, 16); } /** @@ -2412,7 +2416,7 @@ X509GetIssuerName ( IN OUT UINTN *CertIssuerSize ) { - CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, CertIssuerSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, CertIssuerSize), FALSE, 16); } /** @@ -2442,7 +2446,7 @@ X509GetSignatureAlgorithm ( IN OUT UINTN *OidSize ) { - CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, OidSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, OidSize), FALSE, 16); } /** @@ -2476,7 +2480,7 @@ X509GetExtensionData ( IN OUT UINTN *ExtensionDataSize ) { - CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, OidSize, ExtensionData, ExtensionDataSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, OidSize, ExtensionData, ExtensionDataSize), FALSE, 16); } /** @@ -2505,7 +2509,7 @@ X509GetExtendedKeyUsage ( IN OUT UINTN *UsageSize ) { - CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, Usage, UsageSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, Usage, UsageSize), FALSE, 16); } /** @@ -2540,7 +2544,7 @@ X509GetValidity ( IN OUT UINTN *ToSize ) { - CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, To, ToSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, To, ToSize), FALSE, 16); } /** @@ -2574,7 +2578,7 @@ X509FormatDateTime ( IN OUT UINTN *DateTimeSize ) { - CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, DateTimeSize), FALSE); + CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, DateTimeSize), FALSE, 16); } /** @@ -2600,7 +2604,7 @@ X509CompareDateTime ( IN CONST VOID *DateTime2 ) { - CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, DateTime2), FALSE); + CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, DateTime2), FALSE, 16); } /** @@ -2622,7 +2626,7 @@ X509GetKeyUsage ( OUT UINTN *Usage ) { - CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE); + CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE, 16); } /** @@ -2650,7 +2654,7 @@ X509VerifyCertChain ( IN UINTN CertChainLength ) { - CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, CertChain, CertChainLength), FALSE); + CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, CertChain, CertChainLength), FALSE, 16); } /** @@ -2681,7 +2685,7 @@ X509GetCertFromCertChain ( OUT UINTN *CertLength ) { - CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, CertChainLength, CertIndex, Cert, CertLength), FALSE); + CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, CertChainLength, CertIndex, Cert, CertLength), FALSE, 16); } /** @@ -2704,7 +2708,7 @@ Asn1GetTag ( IN UINT32 Tag ) { - CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE); + CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE, 16); } /** @@ -2734,7 +2738,7 @@ X509GetExtendedBasicConstraints ( UINTN *BasicConstraintsSize ) { - CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, CertSize, BasicConstraints, BasicConstraintsSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, CertSize, BasicConstraints, BasicConstraintsSize), FALSE, 16); } /** @@ -2777,7 +2781,7 @@ Pkcs5HashPassword ( OUT UINT8 *OutKey ) { - CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, Password, SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE); + CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, Password, SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE, 7); } /** @@ -2822,7 +2826,7 @@ Pkcs1v2Encrypt ( OUT UINTN *EncryptedDataSize ) { - CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), FALSE); + CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), FALSE, 7); } /** @@ -2862,7 +2866,7 @@ Pkcs7GetSigners ( OUT UINTN *CertLength ) { - CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, StackLength, TrustedCert, CertLength), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, StackLength, TrustedCert, CertLength), FALSE, 7); } /** @@ -2879,7 +2883,7 @@ Pkcs7FreeSigners ( IN UINT8 *Certs ) { - CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs)); + CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs), 7); } /** @@ -2915,7 +2919,7 @@ Pkcs7GetCertificatesList ( OUT UINTN *UnchainLength ) { - CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE, 7); } /** @@ -2959,7 +2963,7 @@ Pkcs7Sign ( OUT UINTN *SignedDataSize ) { - CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, SignedDataSize), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, SignedDataSize), FALSE, 7); } /** @@ -2995,7 +2999,7 @@ Pkcs7Verify ( IN UINTN DataLength ) { - CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, CertLength, InData, DataLength), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, CertLength, InData, DataLength), FALSE, 7); } /** @@ -3040,7 +3044,7 @@ VerifyEKUsInPkcs7Signature ( IN BOOLEAN RequireAllPresent ) { - CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE); + CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE, 7); } /** @@ -3072,7 +3076,7 @@ Pkcs7GetAttachedContent ( OUT UINTN *ContentSize ) { - CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, Content, ContentSize), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, Content, ContentSize), FALSE, 7); } /** @@ -3110,7 +3114,7 @@ AuthenticodeVerify ( IN UINTN HashSize ) { - CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, TrustedCert, CertSize, ImageHash, HashSize), FALSE); + CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, TrustedCert, CertSize, ImageHash, HashSize), FALSE, 7); } /** @@ -3143,7 +3147,7 @@ ImageTimestampVerify ( OUT EFI_TIME *SigningTime ) { - CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, TsaCert, CertSize, SigningTime), FALSE); + CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, TsaCert, CertSize, SigningTime), FALSE, 7); } // ===================================================================================== @@ -3164,7 +3168,7 @@ DhNew ( VOID ) { - CALL_CRYPTO_SERVICE (DhNew, (), NULL); + CALL_CRYPTO_SERVICE (DhNew, (), NULL, 7); } /** @@ -3181,7 +3185,7 @@ DhFree ( IN VOID *DhContext ) { - CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext)); + CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext), 7); } /** @@ -3217,7 +3221,7 @@ DhGenerateParameter ( OUT UINT8 *Prime ) { - CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, PrimeLength, Prime), FALSE); + CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, PrimeLength, Prime), FALSE, 7); } /** @@ -3252,7 +3256,7 @@ DhSetParameter ( IN CONST UINT8 *Prime ) { - CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, PrimeLength, Prime), FALSE); + CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, PrimeLength, Prime), FALSE, 7); } /** @@ -3287,7 +3291,7 @@ DhGenerateKey ( IN OUT UINTN *PublicKeySize ) { - CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, PublicKeySize), FALSE); + CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, PublicKeySize), FALSE, 7); } /** @@ -3326,7 +3330,7 @@ DhComputeKey ( IN OUT UINTN *KeySize ) { - CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, PeerPublicKeySize, Key, KeySize), FALSE); + CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, PeerPublicKeySize, Key, KeySize), FALSE, 7); } // ===================================================================================== @@ -3358,7 +3362,7 @@ RandomSeed ( IN UINTN SeedSize ) { - CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE); + CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE, 7); } /** @@ -3382,7 +3386,7 @@ RandomBytes ( IN UINTN Size ) { - CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); + CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE, 7); } // ===================================================================================== @@ -3418,7 +3422,7 @@ HkdfSha256ExtractAndExpand ( IN UINTN OutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, Salt, SaltSize, Info, InfoSize, Out, OutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, Salt, SaltSize, Info, InfoSize, Out, OutSize), FALSE, 7); } /** @@ -3446,7 +3450,7 @@ HkdfSha256Extract ( UINTN PrkOutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, PrkOut, PrkOutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, PrkOut, PrkOutSize), FALSE, 10); } /** @@ -3474,7 +3478,7 @@ HkdfSha256Expand ( IN UINTN OutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, Out, OutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, Out, OutSize), FALSE, 10); } /** @@ -3506,7 +3510,7 @@ HkdfSha384ExtractAndExpand ( IN UINTN OutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, Salt, SaltSize, Info, InfoSize, Out, OutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, Salt, SaltSize, Info, InfoSize, Out, OutSize), FALSE, 10); } /** @@ -3534,7 +3538,7 @@ HkdfSha384Extract ( UINTN PrkOutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, PrkOut, PrkOutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, PrkOut, PrkOutSize), FALSE, 10); } /** @@ -3562,7 +3566,7 @@ HkdfSha384Expand ( IN UINTN OutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, Out, OutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, Out, OutSize), FALSE, 10); } /** @@ -3582,7 +3586,7 @@ TlsInitialize ( VOID ) { - CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE); + CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE, 7); } /** @@ -3597,7 +3601,7 @@ TlsCtxFree ( IN VOID *TlsCtx ) { - CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx)); + CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx), 7); } /** @@ -3618,7 +3622,7 @@ TlsCtxNew ( IN UINT8 MinorVer ) { - CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL); + CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL, 7); } /** @@ -3636,7 +3640,7 @@ TlsFree ( IN VOID *Tls ) { - CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls)); + CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls), 7); } /** @@ -3658,7 +3662,7 @@ TlsNew ( IN VOID *TlsCtx ) { - CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL); + CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL, 7); } /** @@ -3678,7 +3682,7 @@ TlsInHandshake ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE); + CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE, 7); } /** @@ -3717,7 +3721,7 @@ TlsDoHandshake ( IN OUT UINTN *BufferOutSize ) { - CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, BufferOut, BufferOutSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); } /** @@ -3755,7 +3759,7 @@ TlsHandleAlert ( IN OUT UINTN *BufferOutSize ) { - CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, BufferOut, BufferOutSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); } /** @@ -3784,7 +3788,7 @@ TlsCloseNotify ( IN OUT UINTN *BufferSize ) { - CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), EFI_UNSUPPORTED, 7); } /** @@ -3809,7 +3813,7 @@ TlsCtrlTrafficOut ( IN UINTN BufferSize ) { - CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0); + CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0, 7); } /** @@ -3834,7 +3838,7 @@ TlsCtrlTrafficIn ( IN UINTN BufferSize ) { - CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0); + CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0, 7); } /** @@ -3860,7 +3864,7 @@ TlsRead ( IN UINTN BufferSize ) { - CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0); + CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0, 7); } /** @@ -3886,7 +3890,7 @@ TlsWrite ( IN UINTN BufferSize ) { - CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0); + CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0, 7); } /** @@ -3908,7 +3912,7 @@ TlsShutdown ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED, 14); } /** @@ -3933,7 +3937,7 @@ TlsSetVersion ( IN UINT8 MinorVer ) { - CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), EFI_UNSUPPORTED, 7); } /** @@ -3956,7 +3960,7 @@ TlsSetConnectionEnd ( IN BOOLEAN IsServer ) { - CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), EFI_UNSUPPORTED, 7); } /** @@ -3985,7 +3989,7 @@ TlsSetCipherList ( IN UINTN CipherNum ) { - CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), EFI_UNSUPPORTED, 7); } /** @@ -4006,7 +4010,7 @@ TlsSetCompressionMethod ( IN UINT8 CompMethod ) { - CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), EFI_UNSUPPORTED, 7); } /** @@ -4025,7 +4029,7 @@ TlsSetVerify ( IN UINT32 VerifyMode ) { - CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode)); + CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode), 7); } /** @@ -4048,7 +4052,7 @@ TlsSetVerifyHost ( IN CHAR8 *HostName ) { - CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), EFI_UNSUPPORTED, 7); } /** @@ -4074,7 +4078,7 @@ TlsSetSessionId ( IN UINT16 SessionIdLen ) { - CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), EFI_UNSUPPORTED, 7); } /** @@ -4102,7 +4106,7 @@ TlsSetCaCertificate ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4130,7 +4134,7 @@ TlsSetHostPublicCert ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4160,7 +4164,7 @@ TlsSetHostPrivateKeyEx ( IN VOID *Password OPTIONAL ) { - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, Password), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, Password), EFI_UNSUPPORTED, 14); } /** @@ -4187,7 +4191,7 @@ TlsSetHostPrivateKey ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), EFI_UNSUPPORTED, 14); } /** @@ -4211,7 +4215,7 @@ TlsSetCertRevocationList ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4239,7 +4243,7 @@ TlsSetSignatureAlgoList ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), EFI_UNSUPPORTED, 14); } /** @@ -4264,7 +4268,7 @@ TlsSetEcCurve ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetEcCurve, (Tls, Data, DataSize), EFI_UNSUPPORTED, 14); } /** @@ -4286,7 +4290,7 @@ TlsGetVersion ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0); + CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0, 7); } /** @@ -4308,7 +4312,7 @@ TlsGetConnectionEnd ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0); + CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0, 7); } /** @@ -4332,7 +4336,7 @@ TlsGetCurrentCipher ( IN OUT UINT16 *CipherId ) { - CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), EFI_UNSUPPORTED, 7); } /** @@ -4358,7 +4362,7 @@ TlsGetCurrentCompressionId ( IN OUT UINT8 *CompressionId ) { - CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, CompressionId), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, CompressionId), EFI_UNSUPPORTED, 7); } /** @@ -4380,7 +4384,7 @@ TlsGetVerify ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0); + CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0, 7); } /** @@ -4406,7 +4410,7 @@ TlsGetSessionId ( IN OUT UINT16 *SessionIdLen ) { - CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), EFI_UNSUPPORTED, 7); } /** @@ -4427,7 +4431,7 @@ TlsGetClientRandom ( IN OUT UINT8 *ClientRandom ) { - CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom)); + CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom), 7); } /** @@ -4448,7 +4452,7 @@ TlsGetServerRandom ( IN OUT UINT8 *ServerRandom ) { - CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, ServerRandom)); + CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, ServerRandom), 7); } /** @@ -4472,7 +4476,7 @@ TlsGetKeyMaterial ( IN OUT UINT8 *KeyMaterial ) { - CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), EFI_UNSUPPORTED, 7); } /** @@ -4499,7 +4503,7 @@ TlsGetCaCertificate ( IN OUT UINTN *DataSize ) { - CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4527,7 +4531,7 @@ TlsGetHostPublicCert ( IN OUT UINTN *DataSize ) { - CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4554,7 +4558,7 @@ TlsGetHostPrivateKey ( IN OUT UINTN *DataSize ) { - CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4579,7 +4583,7 @@ TlsGetCertRevocationList ( IN OUT UINTN *DataSize ) { - CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4615,7 +4619,8 @@ TlsGetExportKey ( TlsGetExportKey, (Tls, Label, Context, ContextLen, KeyBuffer, KeyBufferLen), - EFI_UNSUPPORTED + EFI_UNSUPPORTED, + 14 ); } @@ -4634,7 +4639,7 @@ BigNumInit ( VOID ) { - CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL, 12); } /** @@ -4652,7 +4657,7 @@ BigNumFromBin ( IN UINTN Len ) { - CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL, 12); } /** @@ -4671,7 +4676,7 @@ BigNumToBin ( OUT UINT8 *Buf ) { - CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1, 12); } /** @@ -4687,7 +4692,7 @@ BigNumFree ( IN BOOLEAN Clear ) { - CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear), 12); } /** @@ -4710,7 +4715,7 @@ BigNumAdd ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE, 12); } /** @@ -4733,7 +4738,7 @@ BigNumSub ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE, 12); } /** @@ -4756,7 +4761,7 @@ BigNumMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE, 12); } /** @@ -4781,7 +4786,7 @@ BigNumExpMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE, 12); } /** @@ -4804,7 +4809,7 @@ BigNumInverseMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE, 12); } /** @@ -4827,7 +4832,7 @@ BigNumDiv ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE, 12); } /** @@ -4852,7 +4857,7 @@ BigNumMulMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), FALSE, 12); } /** @@ -4872,7 +4877,7 @@ BigNumCmp ( IN CONST VOID *BnB ) { - CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0, 12); } /** @@ -4888,7 +4893,7 @@ BigNumBits ( IN CONST VOID *Bn ) { - CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0, 12); } /** @@ -4904,7 +4909,7 @@ BigNumBytes ( IN CONST VOID *Bn ) { - CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0, 12); } /** @@ -4923,7 +4928,7 @@ BigNumIsWord ( IN UINTN Num ) { - CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE, 12); } /** @@ -4940,7 +4945,7 @@ BigNumIsOdd ( IN CONST VOID *Bn ) { - CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE, 12); } /** @@ -4959,7 +4964,7 @@ BigNumCopy ( IN CONST VOID *BnSrc ) { - CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL, 12); } /** @@ -4974,7 +4979,7 @@ BigNumValueOne ( VOID ) { - CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL, 12); } /** @@ -4997,7 +5002,7 @@ BigNumRShift ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE, 12); } /** @@ -5013,7 +5018,7 @@ BigNumConstTime ( IN VOID *Bn ) { - CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn)); + CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn), 12); } /** @@ -5036,7 +5041,7 @@ BigNumSqrMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE, 12); } /** @@ -5052,7 +5057,7 @@ BigNumNewContext ( VOID ) { - CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL, 12); } /** @@ -5066,7 +5071,7 @@ BigNumContextFree ( IN VOID *BnCtx ) { - CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx), 12); } /** @@ -5085,7 +5090,7 @@ BigNumSetUint ( IN UINTN Val ) { - CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE); + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE, 12); } /** @@ -5108,7 +5113,7 @@ BigNumAddMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE, 12); } /** @@ -5128,7 +5133,7 @@ EcGroupInit ( IN UINTN CryptoNid ) { - CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL, 13); } /** @@ -5156,7 +5161,7 @@ EcGroupGetCurve ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, BnCtx), FALSE, 13); } /** @@ -5178,7 +5183,7 @@ EcGroupGetOrder ( OUT VOID *BnOrder ) { - CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE); + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE, 13); } /** @@ -5192,7 +5197,7 @@ EcGroupFree ( IN VOID *EcGroup ) { - CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup), 13); } /** @@ -5210,7 +5215,7 @@ EcPointInit ( IN CONST VOID *EcGroup ) { - CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL, 13); } /** @@ -5226,7 +5231,7 @@ EcPointDeInit ( IN BOOLEAN Clear ) { - CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear), 13); } /** @@ -5254,7 +5259,7 @@ EcPointGetAffineCoordinates ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE, 13); } /** @@ -5279,7 +5284,7 @@ EcPointSetAffineCoordinates ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE, 13); } /** @@ -5305,7 +5310,7 @@ EcPointAdd ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, EcPointB, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, EcPointB, BnCtx), FALSE, 13); } /** @@ -5331,7 +5336,7 @@ EcPointMul ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, BnPScalar, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, BnPScalar, BnCtx), FALSE, 13); } /** @@ -5352,7 +5357,7 @@ EcPointInvert ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE, 13); } /** @@ -5373,7 +5378,7 @@ EcPointIsOnCurve ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), FALSE, 13); } /** @@ -5392,7 +5397,7 @@ EcPointIsAtInfinity ( IN CONST VOID *EcPoint ) { - CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE); + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE, 13); } /** @@ -5415,7 +5420,7 @@ EcPointEqual ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, BnCtx), FALSE, 13); } /** @@ -5445,7 +5450,7 @@ EcPointSetCompressedCoordinates ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, EcPoint, BnX, YBit, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, EcPoint, BnX, YBit, BnCtx), FALSE, 13); } /** @@ -5462,7 +5467,7 @@ EcNewByNid ( IN UINTN Nid ) { - CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL, 13); } /** @@ -5476,7 +5481,7 @@ EcFree ( IN VOID *EcContext ) { - CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext), 13); } /** @@ -5513,7 +5518,7 @@ EcGenerateKey ( IN OUT UINTN *PublicKeySize ) { - CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, PublicKeySize), FALSE); + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, PublicKeySize), FALSE, 13); } /** @@ -5538,7 +5543,7 @@ EcGetPubKey ( IN OUT UINTN *PublicKeySize ) { - CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, PublicKeySize), FALSE); + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, PublicKeySize), FALSE, 13); } /** @@ -5577,7 +5582,7 @@ EcDhComputeKey ( IN OUT UINTN *KeySize ) { - CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, PeerPublicSize, CompressFlag, Key, KeySize), FALSE); + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, PeerPublicSize, CompressFlag, Key, KeySize), FALSE, 13); } /** @@ -5604,7 +5609,7 @@ EcGetPublicKeyFromX509 ( OUT VOID **EcContext ) { - CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, EcContext), FALSE); + CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, EcContext), FALSE, 15); } /** @@ -5633,7 +5638,7 @@ EcGetPrivateKeyFromPem ( OUT VOID **EcContext ) { - CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, Password, EcContext), FALSE); + CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, Password, EcContext), FALSE, 15); } /** @@ -5676,7 +5681,7 @@ EcDsaSign ( IN OUT UINTN *SigSize ) { - CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, HashSize, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, HashSize, Signature, SigSize), FALSE, 15); } /** @@ -5713,5 +5718,5 @@ EcDsaVerify ( IN UINTN SigSize ) { - CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, HashSize, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, HashSize, Signature, SigSize), FALSE, 15); } diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c index dc7527bb01..fe9cdc0d4d 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c @@ -49,7 +49,6 @@ DxeCryptLibConstructor ( ) { EFI_STATUS Status; - UINTN Version; Status = gBS->LocateProtocol ( &gEdkiiCryptoProtocolGuid, @@ -65,13 +64,5 @@ DxeCryptLibConstructor ( return EFI_NOT_FOUND; } - Version = mCryptoProtocol->GetVersion (); - if (Version < EDKII_CRYPTO_VERSION) { - DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol unsupported version %d\n", Version)); - ASSERT (Version >= EDKII_CRYPTO_VERSION); - mCryptoProtocol = NULL; - return EFI_NOT_FOUND; - } - return EFI_SUCCESS; } diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c index 51f858302f..6ad1d3afe0 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c @@ -30,7 +30,6 @@ GetCryptoServices ( { EFI_STATUS Status; EDKII_CRYPTO_PPI *CryptoPpi; - UINTN Version; CryptoPpi = NULL; Status = PeiServicesLocatePpi ( @@ -46,12 +45,5 @@ GetCryptoServices ( return NULL; } - Version = CryptoPpi->GetVersion (); - if (Version < EDKII_CRYPTO_VERSION) { - DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported version %d\n", Version)); - ASSERT (Version >= EDKII_CRYPTO_VERSION); - return NULL; - } - return (VOID *)CryptoPpi; } diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c index be0f44e63b..6c7c75c8a7 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c @@ -52,7 +52,6 @@ SmmCryptLibConstructor ( ) { EFI_STATUS Status; - UINTN Version; Status = gSmst->SmmLocateProtocol ( &gEdkiiSmmCryptoProtocolGuid, @@ -67,13 +66,5 @@ SmmCryptLibConstructor ( return EFI_NOT_FOUND; } - Version = mSmmCryptoProtocol->GetVersion (); - if (Version < EDKII_CRYPTO_VERSION) { - DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol unsupported version %d\n", Version)); - ASSERT (Version >= EDKII_CRYPTO_VERSION); - mSmmCryptoProtocol = NULL; - return EFI_NOT_FOUND; - } - return EFI_SUCCESS; } -- 2.31.1.windows.1 ^ permalink raw reply related [flat|nested] 9+ messages in thread
[parent not found: <17321DB57D822CE7.23615@groups.io>]
* Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible [not found] ` <17321DB57D822CE7.23615@groups.io> @ 2023-01-04 2:03 ` Li, Yi 2023-01-06 10:06 ` Yao, Jiewen 0 siblings, 1 reply; 9+ messages in thread From: Li, Yi @ 2023-01-04 2:03 UTC (permalink / raw) To: devel@edk2.groups.io, Li, Yi1 Cc: Yao, Jiewen, Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin Hi, any comments about this BZ and patch? Code link: https://github.com/tianocore/edk2/pull/3787 -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Li, Yi Sent: Monday, December 19, 2022 2:24 PM To: devel@edk2.groups.io Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com> Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4197 Using older Crypto protocol will be allowed. Each function wrapper will be annotated to require a minimum required version of the crypto protocol and assert if called when the version is not compatible. Ths minimum version difined as the version when the API was introduced. Details: ///Parallel hash: MinVersion 8 ParallelHash256HashAll, /// HMAC SHA256 (continued): MinVersion 9 HmacSha256All, /// HMAC SHA384: MinVersion 9 HmacSha384New, ... HmacSha384All, /// HKDF (continued): MinVersion 10 HkdfSha256Extract, ... HkdfSha384Expand, /// Aead Aes GCM: MinVersion 11 AeadAesGcmEncrypt, AeadAesGcmDecrypt, /// Big Numbers: MinVersion 12 BigNumInit, ... BigNumAddMod, /// EC: MinVersion 13 EcGroupInit, ... EcDhComputeKey, /// TLS (continued): MinVersion 14 TlsShutdown, ... TlsGetExportKey, /// Ec (Continued): MinVersion 15 EcGetPublicKeyFromX509, ... EcDsaVerify, /// X509 (Continued): MinVersion 16 X509GetVersion, ... X509GetExtendedBasicConstraints /// Others: MinVersion 7 Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> Cc: Guomin Jiang <guomin.jiang@intel.com> Signed-off-by: Yi Li <yi1.li@intel.com> --- .../BaseCryptLibOnProtocolPpi/CryptLib.c | 449 +++++++++--------- .../BaseCryptLibOnProtocolPpi/DxeCryptLib.c | 9 - .../BaseCryptLibOnProtocolPpi/PeiCryptLib.c | 8 - .../BaseCryptLibOnProtocolPpi/SmmCryptLib.c | 9 - 4 files changed, 227 insertions(+), 248 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c index 4e31bc278e..e470a0f0d4 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c @@ -24,18 +24,20 @@ @param Args The argument list to pass to Function. @param ErrorReturnValue The value to return if the protocol is NULL or the service in the protocol is NULL. - -**/ -#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue) \ - do { \ - EDKII_CRYPTO_PROTOCOL *CryptoServices; \ - \ - CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ - return (CryptoServices->Function) Args; \ - } \ - CryptoServiceNotAvailable (#Function); \ - return ErrorReturnValue; \ + @param MinVersion The minimum protocol version that supports the API. + +**/ +#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue, MinVersion) \ + do { \ + EDKII_CRYPTO_PROTOCOL *CryptoServices; \ + \ + CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ + CryptoServices->GetVersion () >= MinVersion) { \ + return (CryptoServices->Function) Args; \ + } \ + CryptoServiceNotAvailable (#Function); \ + return ErrorReturnValue; \ } while (FALSE); /** @@ -45,14 +47,16 @@ @param Function Name of the EDK II Crypto Protocol service to call. @param Args The argument list to pass to Function. + @param MinVersion The minimum protocol version that supports the API. **/ -#define CALL_VOID_CRYPTO_SERVICE(Function, Args) \ +#define CALL_VOID_CRYPTO_SERVICE(Function, Args, MinVersion) \ do { \ EDKII_CRYPTO_PROTOCOL *CryptoServices; \ \ CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ + CryptoServices->GetVersion () >= MinVersion) { \ (CryptoServices->Function) Args; \ return; \ } \ @@ -116,7 +120,7 @@ Md5GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0, 7); } /** @@ -139,7 +143,7 @@ Md5Init ( OUT VOID *Md5Context ) { - CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE); + CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE, 7); } /** @@ -164,7 +168,7 @@ Md5Duplicate ( OUT VOID *NewMd5Context ) { - CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), FALSE); + CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), FALSE, 7); } /** @@ -195,7 +199,7 @@ Md5Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), FALSE, 7); } /** @@ -227,7 +231,7 @@ Md5Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE, 7); } /** @@ -256,7 +260,7 @@ Md5HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE, 7); } #endif @@ -278,7 +282,7 @@ Sha1GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0, 7); } /** @@ -301,7 +305,7 @@ Sha1Init ( OUT VOID *Sha1Context ) { - CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE); + CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE, 7); } /** @@ -326,7 +330,7 @@ Sha1Duplicate ( OUT VOID *NewSha1Context ) { - CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), FALSE); + CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), FALSE, 7); } /** @@ -357,7 +361,7 @@ Sha1Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), FALSE, 7); } /** @@ -389,7 +393,7 @@ Sha1Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE, 7); } /** @@ -418,7 +422,7 @@ Sha1HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE, 7); } #endif @@ -435,7 +439,7 @@ Sha256GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0, 7); } /** @@ -456,7 +460,7 @@ Sha256Init ( OUT VOID *Sha256Context ) { - CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE); + CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE, 7); } /** @@ -481,7 +485,7 @@ Sha256Duplicate ( OUT VOID *NewSha256Context ) { - CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, NewSha256Context), FALSE); + CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, NewSha256Context), FALSE, 7); } /** @@ -510,7 +514,7 @@ Sha256Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), FALSE, 7); } /** @@ -540,7 +544,7 @@ Sha256Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), FALSE, 7); } /** @@ -569,7 +573,7 @@ Sha256HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), FALSE, 7); } /** @@ -584,7 +588,7 @@ Sha384GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0, 7); } /** @@ -605,7 +609,7 @@ Sha384Init ( OUT VOID *Sha384Context ) { - CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE); + CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE, 7); } /** @@ -630,7 +634,7 @@ Sha384Duplicate ( OUT VOID *NewSha384Context ) { - CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, NewSha384Context), FALSE); + CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, NewSha384Context), FALSE, 7); } /** @@ -659,7 +663,7 @@ Sha384Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), FALSE, 7); } /** @@ -689,7 +693,7 @@ Sha384Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), FALSE, 7); } /** @@ -718,7 +722,7 @@ Sha384HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), FALSE, 7); } /** @@ -733,7 +737,7 @@ Sha512GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0, 7); } /** @@ -754,7 +758,7 @@ Sha512Init ( OUT VOID *Sha512Context ) { - CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE); + CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE, 7); } /** @@ -779,7 +783,7 @@ Sha512Duplicate ( OUT VOID *NewSha512Context ) { - CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, NewSha512Context), FALSE); + CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, NewSha512Context), FALSE, 7); } /** @@ -808,7 +812,7 @@ Sha512Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), FALSE, 7); } /** @@ -838,7 +842,7 @@ Sha512Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), FALSE, 7); } /** @@ -867,7 +871,7 @@ Sha512HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), FALSE, 7); } /** @@ -899,7 +903,7 @@ ParallelHash256HashAll ( IN UINTN CustomByteLen ) { - CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE); + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE, 8); } /** @@ -914,7 +918,7 @@ Sm3GetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0); + CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0, 7); } /** @@ -935,7 +939,7 @@ Sm3Init ( OUT VOID *Sm3Context ) { - CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE); + CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE, 7); } /** @@ -960,7 +964,7 @@ Sm3Duplicate ( OUT VOID *NewSm3Context ) { - CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), FALSE); + CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), FALSE, 7); } /** @@ -989,7 +993,7 @@ Sm3Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), FALSE, 7); } /** @@ -1019,7 +1023,7 @@ Sm3Final ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE, 7); } /** @@ -1048,7 +1052,7 @@ Sm3HashAll ( OUT UINT8 *HashValue ) { - CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE); + CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE, 7); } // ===================================================================================== @@ -1068,7 +1072,7 @@ HmacSha256New ( VOID ) { - CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL); + CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL, 7); } /** @@ -1083,7 +1087,7 @@ HmacSha256Free ( IN VOID *HmacSha256Ctx ) { - CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx)); + CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx), 7); } /** @@ -1110,7 +1114,7 @@ HmacSha256SetKey ( IN UINTN KeySize ) { - CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, KeySize), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, KeySize), FALSE, 7); } /** @@ -1135,7 +1139,7 @@ HmacSha256Duplicate ( OUT VOID *NewHmacSha256Context ) { - CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, NewHmacSha256Context), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, NewHmacSha256Context), FALSE, 7); } /** @@ -1166,7 +1170,7 @@ HmacSha256Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, Data, DataSize), FALSE, 7); } /** @@ -1198,7 +1202,7 @@ HmacSha256Final ( OUT UINT8 *HmacValue ) { - CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), FALSE, 7); } /** @@ -1231,7 +1235,7 @@ HmacSha256All ( OUT UINT8 *HmacValue ) { - CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, HmacValue), FALSE); + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, HmacValue), FALSE, 9); } /** @@ -1247,7 +1251,7 @@ HmacSha384New ( VOID ) { - CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL, 9); } /** @@ -1262,7 +1266,7 @@ HmacSha384Free ( IN VOID *HmacSha384Ctx ) { - CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx), 9); } /** @@ -1289,7 +1293,7 @@ HmacSha384SetKey ( IN UINTN KeySize ) { - CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, KeySize), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, KeySize), FALSE, 9); } /** @@ -1314,7 +1318,7 @@ HmacSha384Duplicate ( OUT VOID *NewHmacSha384Context ) { - CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, NewHmacSha384Context), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, NewHmacSha384Context), FALSE, 9); } /** @@ -1345,7 +1349,7 @@ HmacSha384Update ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, DataSize), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, DataSize), FALSE, 9); } /** @@ -1377,7 +1381,7 @@ HmacSha384Final ( OUT UINT8 *HmacValue ) { - CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, HmacValue), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, HmacValue), FALSE, 9); } /** @@ -1410,7 +1414,7 @@ HmacSha384All ( OUT UINT8 *HmacValue ) { - CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, HmacValue), FALSE); + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, HmacValue), FALSE, 9); } // ===================================================================================== @@ -1432,7 +1436,7 @@ AesGetContextSize ( VOID ) { - CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0); + CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0, 7); } /** @@ -1465,7 +1469,7 @@ AesInit ( IN UINTN KeyLength ) { - CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE); + CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE, 7); } /** @@ -1507,7 +1511,7 @@ AesCbcEncrypt ( OUT UINT8 *Output ) { - CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE); + CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE, 7); } /** @@ -1549,7 +1553,7 @@ AesCbcDecrypt ( OUT UINT8 *Output ) { - CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE); + CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE, 7); } // ===================================================================================== @@ -1597,7 +1601,7 @@ AeadAesGcmEncrypt ( OUT UINTN *DataOutSize ) { - CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, DataOutSize), FALSE); + CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, DataOutSize), FALSE, 11); } /** @@ -1642,7 +1646,7 @@ AeadAesGcmDecrypt ( OUT UINTN *DataOutSize ) { - CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), FALSE); + CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), FALSE, 11); } // ===================================================================================== @@ -1662,7 +1666,7 @@ RsaNew ( VOID ) { - CALL_CRYPTO_SERVICE (RsaNew, (), NULL); + CALL_CRYPTO_SERVICE (RsaNew, (), NULL, 7); } /** @@ -1679,7 +1683,7 @@ RsaFree ( IN VOID *RsaContext ) { - CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext)); + CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext), 7); } /** @@ -1713,7 +1717,7 @@ RsaSetKey ( IN UINTN BnSize ) { - CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, BnSize), FALSE); + CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, BnSize), FALSE, 7); } /** @@ -1753,7 +1757,7 @@ RsaGetKey ( IN OUT UINTN *BnSize ) { - CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, BnSize), FALSE); + CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, BnSize), FALSE, 7); } /** @@ -1788,7 +1792,7 @@ RsaGenerateKey ( IN UINTN PublicExponentSize ) { - CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, PublicExponent, PublicExponentSize), FALSE); + CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, PublicExponent, PublicExponentSize), FALSE, 7); } /** @@ -1818,7 +1822,7 @@ RsaCheckKey ( IN VOID *RsaContext ) { - CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE); + CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE, 7); } /** @@ -1858,7 +1862,7 @@ RsaPkcs1Sign ( IN OUT UINTN *SigSize ) { - CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, HashSize, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, HashSize, Signature, SigSize), FALSE, 7); } /** @@ -1890,7 +1894,7 @@ RsaPkcs1Verify ( IN UINTN SigSize ) { - CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, HashSize, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, HashSize, Signature, SigSize), FALSE, 7); } /** @@ -1923,7 +1927,7 @@ RsaPssVerify ( IN UINT16 SaltLen ) { - CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, Signature, SigSize, DigestLen, SaltLen), FALSE); + CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, Signature, SigSize, DigestLen, SaltLen), FALSE, 7); } /** @@ -1968,7 +1972,7 @@ RsaPssSign ( IN OUT UINTN *SigSize ) { - CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, DigestLen, SaltLen, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, DigestLen, SaltLen, Signature, SigSize), FALSE, 7); } /** @@ -1999,7 +2003,7 @@ RsaGetPrivateKeyFromPem ( OUT VOID **RsaContext ) { - CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, Password, RsaContext), FALSE); + CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, Password, RsaContext), FALSE, 7); } /** @@ -2028,7 +2032,7 @@ RsaGetPublicKeyFromX509 ( OUT VOID **RsaContext ) { - CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, RsaContext), FALSE); + CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, RsaContext), FALSE, 7); } /** @@ -2059,7 +2063,7 @@ X509GetSubjectName ( IN OUT UINTN *SubjectSize ) { - CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, CertSubject, SubjectSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, CertSubject, SubjectSize), FALSE, 7); } /** @@ -2097,7 +2101,7 @@ X509GetCommonName ( IN OUT UINTN *CommonNameSize ) { - CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, CommonName, CommonNameSize), RETURN_UNSUPPORTED); + CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, CommonName, CommonNameSize), RETURN_UNSUPPORTED, 7); } /** @@ -2135,7 +2139,7 @@ X509GetOrganizationName ( IN OUT UINTN *NameBufferSize ) { - CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, NameBuffer, NameBufferSize), RETURN_UNSUPPORTED); + CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, NameBuffer, NameBufferSize), RETURN_UNSUPPORTED, 7); } /** @@ -2165,7 +2169,7 @@ X509VerifyCert ( IN UINTN CACertSize ) { - CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, CACertSize), FALSE); + CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, CACertSize), FALSE, 7); } /** @@ -2192,7 +2196,7 @@ X509ConstructCertificate ( OUT UINT8 **SingleX509Cert ) { - CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, SingleX509Cert), FALSE); + CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, SingleX509Cert), FALSE, 7); } /** @@ -2256,7 +2260,7 @@ X509ConstructCertificateStackV ( IN VA_LIST Args ) { - CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, Args), FALSE); + CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, Args), FALSE, 7); } /** @@ -2273,7 +2277,7 @@ X509Free ( IN VOID *X509Cert ) { - CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert)); + CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert), 7); } /** @@ -2290,7 +2294,7 @@ X509StackFree ( IN VOID *X509Stack ) { - CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack)); + CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack), 7); } /** @@ -2319,7 +2323,7 @@ X509GetTBSCert ( OUT UINTN *TBSCertSize ) { - CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, TBSCertSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, TBSCertSize), FALSE, 7); } /** @@ -2346,7 +2350,7 @@ X509GetVersion ( OUT UINTN *Version ) { - CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE); + CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE, 16); } /** @@ -2381,7 +2385,7 @@ X509GetSerialNumber ( IN OUT UINTN *SerialNumberSize ) { - CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, SerialNumber, SerialNumberSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, SerialNumber, SerialNumberSize), FALSE, 16); } /** @@ -2412,7 +2416,7 @@ X509GetIssuerName ( IN OUT UINTN *CertIssuerSize ) { - CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, CertIssuerSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, CertIssuerSize), FALSE, 16); } /** @@ -2442,7 +2446,7 @@ X509GetSignatureAlgorithm ( IN OUT UINTN *OidSize ) { - CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, OidSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, OidSize), FALSE, 16); } /** @@ -2476,7 +2480,7 @@ X509GetExtensionData ( IN OUT UINTN *ExtensionDataSize ) { - CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, OidSize, ExtensionData, ExtensionDataSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, OidSize, ExtensionData, ExtensionDataSize), FALSE, 16); } /** @@ -2505,7 +2509,7 @@ X509GetExtendedKeyUsage ( IN OUT UINTN *UsageSize ) { - CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, Usage, UsageSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, Usage, UsageSize), FALSE, 16); } /** @@ -2540,7 +2544,7 @@ X509GetValidity ( IN OUT UINTN *ToSize ) { - CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, To, ToSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, To, ToSize), FALSE, 16); } /** @@ -2574,7 +2578,7 @@ X509FormatDateTime ( IN OUT UINTN *DateTimeSize ) { - CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, DateTimeSize), FALSE); + CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, DateTimeSize), FALSE, 16); } /** @@ -2600,7 +2604,7 @@ X509CompareDateTime ( IN CONST VOID *DateTime2 ) { - CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, DateTime2), FALSE); + CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, DateTime2), FALSE, 16); } /** @@ -2622,7 +2626,7 @@ X509GetKeyUsage ( OUT UINTN *Usage ) { - CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE); + CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE, 16); } /** @@ -2650,7 +2654,7 @@ X509VerifyCertChain ( IN UINTN CertChainLength ) { - CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, CertChain, CertChainLength), FALSE); + CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, CertChain, CertChainLength), FALSE, 16); } /** @@ -2681,7 +2685,7 @@ X509GetCertFromCertChain ( OUT UINTN *CertLength ) { - CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, CertChainLength, CertIndex, Cert, CertLength), FALSE); + CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, CertChainLength, CertIndex, Cert, CertLength), FALSE, 16); } /** @@ -2704,7 +2708,7 @@ Asn1GetTag ( IN UINT32 Tag ) { - CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE); + CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE, 16); } /** @@ -2734,7 +2738,7 @@ X509GetExtendedBasicConstraints ( UINTN *BasicConstraintsSize ) { - CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, CertSize, BasicConstraints, BasicConstraintsSize), FALSE); + CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, CertSize, BasicConstraints, BasicConstraintsSize), FALSE, 16); } /** @@ -2777,7 +2781,7 @@ Pkcs5HashPassword ( OUT UINT8 *OutKey ) { - CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, Password, SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE); + CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, Password, SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE, 7); } /** @@ -2822,7 +2826,7 @@ Pkcs1v2Encrypt ( OUT UINTN *EncryptedDataSize ) { - CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), FALSE); + CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), FALSE, 7); } /** @@ -2862,7 +2866,7 @@ Pkcs7GetSigners ( OUT UINTN *CertLength ) { - CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, StackLength, TrustedCert, CertLength), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, StackLength, TrustedCert, CertLength), FALSE, 7); } /** @@ -2879,7 +2883,7 @@ Pkcs7FreeSigners ( IN UINT8 *Certs ) { - CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs)); + CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs), 7); } /** @@ -2915,7 +2919,7 @@ Pkcs7GetCertificatesList ( OUT UINTN *UnchainLength ) { - CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE, 7); } /** @@ -2959,7 +2963,7 @@ Pkcs7Sign ( OUT UINTN *SignedDataSize ) { - CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, SignedDataSize), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, SignedDataSize), FALSE, 7); } /** @@ -2995,7 +2999,7 @@ Pkcs7Verify ( IN UINTN DataLength ) { - CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, CertLength, InData, DataLength), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, CertLength, InData, DataLength), FALSE, 7); } /** @@ -3040,7 +3044,7 @@ VerifyEKUsInPkcs7Signature ( IN BOOLEAN RequireAllPresent ) { - CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE); + CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE, 7); } /** @@ -3072,7 +3076,7 @@ Pkcs7GetAttachedContent ( OUT UINTN *ContentSize ) { - CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, Content, ContentSize), FALSE); + CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, Content, ContentSize), FALSE, 7); } /** @@ -3110,7 +3114,7 @@ AuthenticodeVerify ( IN UINTN HashSize ) { - CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, TrustedCert, CertSize, ImageHash, HashSize), FALSE); + CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, TrustedCert, CertSize, ImageHash, HashSize), FALSE, 7); } /** @@ -3143,7 +3147,7 @@ ImageTimestampVerify ( OUT EFI_TIME *SigningTime ) { - CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, TsaCert, CertSize, SigningTime), FALSE); + CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, TsaCert, CertSize, SigningTime), FALSE, 7); } // ===================================================================================== @@ -3164,7 +3168,7 @@ DhNew ( VOID ) { - CALL_CRYPTO_SERVICE (DhNew, (), NULL); + CALL_CRYPTO_SERVICE (DhNew, (), NULL, 7); } /** @@ -3181,7 +3185,7 @@ DhFree ( IN VOID *DhContext ) { - CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext)); + CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext), 7); } /** @@ -3217,7 +3221,7 @@ DhGenerateParameter ( OUT UINT8 *Prime ) { - CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, PrimeLength, Prime), FALSE); + CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, PrimeLength, Prime), FALSE, 7); } /** @@ -3252,7 +3256,7 @@ DhSetParameter ( IN CONST UINT8 *Prime ) { - CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, PrimeLength, Prime), FALSE); + CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, PrimeLength, Prime), FALSE, 7); } /** @@ -3287,7 +3291,7 @@ DhGenerateKey ( IN OUT UINTN *PublicKeySize ) { - CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, PublicKeySize), FALSE); + CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, PublicKeySize), FALSE, 7); } /** @@ -3326,7 +3330,7 @@ DhComputeKey ( IN OUT UINTN *KeySize ) { - CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, PeerPublicKeySize, Key, KeySize), FALSE); + CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, PeerPublicKeySize, Key, KeySize), FALSE, 7); } // ===================================================================================== @@ -3358,7 +3362,7 @@ RandomSeed ( IN UINTN SeedSize ) { - CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE); + CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE, 7); } /** @@ -3382,7 +3386,7 @@ RandomBytes ( IN UINTN Size ) { - CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); + CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE, 7); } // ===================================================================================== @@ -3418,7 +3422,7 @@ HkdfSha256ExtractAndExpand ( IN UINTN OutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, Salt, SaltSize, Info, InfoSize, Out, OutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, Salt, SaltSize, Info, InfoSize, Out, OutSize), FALSE, 7); } /** @@ -3446,7 +3450,7 @@ HkdfSha256Extract ( UINTN PrkOutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, PrkOut, PrkOutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, PrkOut, PrkOutSize), FALSE, 10); } /** @@ -3474,7 +3478,7 @@ HkdfSha256Expand ( IN UINTN OutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, Out, OutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, Out, OutSize), FALSE, 10); } /** @@ -3506,7 +3510,7 @@ HkdfSha384ExtractAndExpand ( IN UINTN OutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, Salt, SaltSize, Info, InfoSize, Out, OutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, Salt, SaltSize, Info, InfoSize, Out, OutSize), FALSE, 10); } /** @@ -3534,7 +3538,7 @@ HkdfSha384Extract ( UINTN PrkOutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, PrkOut, PrkOutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, PrkOut, PrkOutSize), FALSE, 10); } /** @@ -3562,7 +3566,7 @@ HkdfSha384Expand ( IN UINTN OutSize ) { - CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, Out, OutSize), FALSE); + CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, Out, OutSize), FALSE, 10); } /** @@ -3582,7 +3586,7 @@ TlsInitialize ( VOID ) { - CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE); + CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE, 7); } /** @@ -3597,7 +3601,7 @@ TlsCtxFree ( IN VOID *TlsCtx ) { - CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx)); + CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx), 7); } /** @@ -3618,7 +3622,7 @@ TlsCtxNew ( IN UINT8 MinorVer ) { - CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL); + CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL, 7); } /** @@ -3636,7 +3640,7 @@ TlsFree ( IN VOID *Tls ) { - CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls)); + CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls), 7); } /** @@ -3658,7 +3662,7 @@ TlsNew ( IN VOID *TlsCtx ) { - CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL); + CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL, 7); } /** @@ -3678,7 +3682,7 @@ TlsInHandshake ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE); + CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE, 7); } /** @@ -3717,7 +3721,7 @@ TlsDoHandshake ( IN OUT UINTN *BufferOutSize ) { - CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, BufferOut, BufferOutSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); } /** @@ -3755,7 +3759,7 @@ TlsHandleAlert ( IN OUT UINTN *BufferOutSize ) { - CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, BufferOut, BufferOutSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); } /** @@ -3784,7 +3788,7 @@ TlsCloseNotify ( IN OUT UINTN *BufferSize ) { - CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), EFI_UNSUPPORTED, 7); } /** @@ -3809,7 +3813,7 @@ TlsCtrlTrafficOut ( IN UINTN BufferSize ) { - CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0); + CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0, 7); } /** @@ -3834,7 +3838,7 @@ TlsCtrlTrafficIn ( IN UINTN BufferSize ) { - CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0); + CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0, 7); } /** @@ -3860,7 +3864,7 @@ TlsRead ( IN UINTN BufferSize ) { - CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0); + CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0, 7); } /** @@ -3886,7 +3890,7 @@ TlsWrite ( IN UINTN BufferSize ) { - CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0); + CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0, 7); } /** @@ -3908,7 +3912,7 @@ TlsShutdown ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED, 14); } /** @@ -3933,7 +3937,7 @@ TlsSetVersion ( IN UINT8 MinorVer ) { - CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), EFI_UNSUPPORTED, 7); } /** @@ -3956,7 +3960,7 @@ TlsSetConnectionEnd ( IN BOOLEAN IsServer ) { - CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), EFI_UNSUPPORTED, 7); } /** @@ -3985,7 +3989,7 @@ TlsSetCipherList ( IN UINTN CipherNum ) { - CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), EFI_UNSUPPORTED, 7); } /** @@ -4006,7 +4010,7 @@ TlsSetCompressionMethod ( IN UINT8 CompMethod ) { - CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), EFI_UNSUPPORTED, 7); } /** @@ -4025,7 +4029,7 @@ TlsSetVerify ( IN UINT32 VerifyMode ) { - CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode)); + CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode), 7); } /** @@ -4048,7 +4052,7 @@ TlsSetVerifyHost ( IN CHAR8 *HostName ) { - CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), EFI_UNSUPPORTED, 7); } /** @@ -4074,7 +4078,7 @@ TlsSetSessionId ( IN UINT16 SessionIdLen ) { - CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), EFI_UNSUPPORTED, 7); } /** @@ -4102,7 +4106,7 @@ TlsSetCaCertificate ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4130,7 +4134,7 @@ TlsSetHostPublicCert ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4160,7 +4164,7 @@ TlsSetHostPrivateKeyEx ( IN VOID *Password OPTIONAL ) { - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, Password), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, Password), EFI_UNSUPPORTED, 14); } /** @@ -4187,7 +4191,7 @@ TlsSetHostPrivateKey ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), EFI_UNSUPPORTED, 14); } /** @@ -4211,7 +4215,7 @@ TlsSetCertRevocationList ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4239,7 +4243,7 @@ TlsSetSignatureAlgoList ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), EFI_UNSUPPORTED, 14); } /** @@ -4264,7 +4268,7 @@ TlsSetEcCurve ( IN UINTN DataSize ) { - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsSetEcCurve, (Tls, Data, DataSize), EFI_UNSUPPORTED, 14); } /** @@ -4286,7 +4290,7 @@ TlsGetVersion ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0); + CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0, 7); } /** @@ -4308,7 +4312,7 @@ TlsGetConnectionEnd ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0); + CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0, 7); } /** @@ -4332,7 +4336,7 @@ TlsGetCurrentCipher ( IN OUT UINT16 *CipherId ) { - CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), EFI_UNSUPPORTED, 7); } /** @@ -4358,7 +4362,7 @@ TlsGetCurrentCompressionId ( IN OUT UINT8 *CompressionId ) { - CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, CompressionId), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, CompressionId), EFI_UNSUPPORTED, 7); } /** @@ -4380,7 +4384,7 @@ TlsGetVerify ( IN VOID *Tls ) { - CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0); + CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0, 7); } /** @@ -4406,7 +4410,7 @@ TlsGetSessionId ( IN OUT UINT16 *SessionIdLen ) { - CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), EFI_UNSUPPORTED, 7); } /** @@ -4427,7 +4431,7 @@ TlsGetClientRandom ( IN OUT UINT8 *ClientRandom ) { - CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom)); + CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom), 7); } /** @@ -4448,7 +4452,7 @@ TlsGetServerRandom ( IN OUT UINT8 *ServerRandom ) { - CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, ServerRandom)); + CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, ServerRandom), 7); } /** @@ -4472,7 +4476,7 @@ TlsGetKeyMaterial ( IN OUT UINT8 *KeyMaterial ) { - CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), EFI_UNSUPPORTED, 7); } /** @@ -4499,7 +4503,7 @@ TlsGetCaCertificate ( IN OUT UINTN *DataSize ) { - CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4527,7 +4531,7 @@ TlsGetHostPublicCert ( IN OUT UINTN *DataSize ) { - CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4554,7 +4558,7 @@ TlsGetHostPrivateKey ( IN OUT UINTN *DataSize ) { - CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4579,7 +4583,7 @@ TlsGetCertRevocationList ( IN OUT UINTN *DataSize ) { - CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED); + CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED, 7); } /** @@ -4615,7 +4619,8 @@ TlsGetExportKey ( TlsGetExportKey, (Tls, Label, Context, ContextLen, KeyBuffer, KeyBufferLen), - EFI_UNSUPPORTED + EFI_UNSUPPORTED, + 14 ); } @@ -4634,7 +4639,7 @@ BigNumInit ( VOID ) { - CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL, 12); } /** @@ -4652,7 +4657,7 @@ BigNumFromBin ( IN UINTN Len ) { - CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL, 12); } /** @@ -4671,7 +4676,7 @@ BigNumToBin ( OUT UINT8 *Buf ) { - CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1, 12); } /** @@ -4687,7 +4692,7 @@ BigNumFree ( IN BOOLEAN Clear ) { - CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear), 12); } /** @@ -4710,7 +4715,7 @@ BigNumAdd ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE, 12); } /** @@ -4733,7 +4738,7 @@ BigNumSub ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE, 12); } /** @@ -4756,7 +4761,7 @@ BigNumMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE, 12); } /** @@ -4781,7 +4786,7 @@ BigNumExpMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE, 12); } /** @@ -4804,7 +4809,7 @@ BigNumInverseMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE, 12); } /** @@ -4827,7 +4832,7 @@ BigNumDiv ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE, 12); } /** @@ -4852,7 +4857,7 @@ BigNumMulMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), FALSE, 12); } /** @@ -4872,7 +4877,7 @@ BigNumCmp ( IN CONST VOID *BnB ) { - CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0, 12); } /** @@ -4888,7 +4893,7 @@ BigNumBits ( IN CONST VOID *Bn ) { - CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0, 12); } /** @@ -4904,7 +4909,7 @@ BigNumBytes ( IN CONST VOID *Bn ) { - CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0, 12); } /** @@ -4923,7 +4928,7 @@ BigNumIsWord ( IN UINTN Num ) { - CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE, 12); } /** @@ -4940,7 +4945,7 @@ BigNumIsOdd ( IN CONST VOID *Bn ) { - CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE, 12); } /** @@ -4959,7 +4964,7 @@ BigNumCopy ( IN CONST VOID *BnSrc ) { - CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL, 12); } /** @@ -4974,7 +4979,7 @@ BigNumValueOne ( VOID ) { - CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL, 12); } /** @@ -4997,7 +5002,7 @@ BigNumRShift ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE, 12); } /** @@ -5013,7 +5018,7 @@ BigNumConstTime ( IN VOID *Bn ) { - CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn)); + CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn), 12); } /** @@ -5036,7 +5041,7 @@ BigNumSqrMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE, 12); } /** @@ -5052,7 +5057,7 @@ BigNumNewContext ( VOID ) { - CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL, 12); } /** @@ -5066,7 +5071,7 @@ BigNumContextFree ( IN VOID *BnCtx ) { - CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx), 12); } /** @@ -5085,7 +5090,7 @@ BigNumSetUint ( IN UINTN Val ) { - CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE); + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE, 12); } /** @@ -5108,7 +5113,7 @@ BigNumAddMod ( OUT VOID *BnRes ) { - CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE); + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE, 12); } /** @@ -5128,7 +5133,7 @@ EcGroupInit ( IN UINTN CryptoNid ) { - CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL, 13); } /** @@ -5156,7 +5161,7 @@ EcGroupGetCurve ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, BnCtx), FALSE, 13); } /** @@ -5178,7 +5183,7 @@ EcGroupGetOrder ( OUT VOID *BnOrder ) { - CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE); + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE, 13); } /** @@ -5192,7 +5197,7 @@ EcGroupFree ( IN VOID *EcGroup ) { - CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup), 13); } /** @@ -5210,7 +5215,7 @@ EcPointInit ( IN CONST VOID *EcGroup ) { - CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL, 13); } /** @@ -5226,7 +5231,7 @@ EcPointDeInit ( IN BOOLEAN Clear ) { - CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear), 13); } /** @@ -5254,7 +5259,7 @@ EcPointGetAffineCoordinates ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE, 13); } /** @@ -5279,7 +5284,7 @@ EcPointSetAffineCoordinates ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE, 13); } /** @@ -5305,7 +5310,7 @@ EcPointAdd ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, EcPointB, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, EcPointB, BnCtx), FALSE, 13); } /** @@ -5331,7 +5336,7 @@ EcPointMul ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, BnPScalar, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, BnPScalar, BnCtx), FALSE, 13); } /** @@ -5352,7 +5357,7 @@ EcPointInvert ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE, 13); } /** @@ -5373,7 +5378,7 @@ EcPointIsOnCurve ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), FALSE, 13); } /** @@ -5392,7 +5397,7 @@ EcPointIsAtInfinity ( IN CONST VOID *EcPoint ) { - CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE); + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE, 13); } /** @@ -5415,7 +5420,7 @@ EcPointEqual ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, BnCtx), FALSE, 13); } /** @@ -5445,7 +5450,7 @@ EcPointSetCompressedCoordinates ( IN VOID *BnCtx ) { - CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, EcPoint, BnX, YBit, BnCtx), FALSE); + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, EcPoint, BnX, YBit, BnCtx), FALSE, 13); } /** @@ -5462,7 +5467,7 @@ EcNewByNid ( IN UINTN Nid ) { - CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL, 13); } /** @@ -5476,7 +5481,7 @@ EcFree ( IN VOID *EcContext ) { - CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext), 13); } /** @@ -5513,7 +5518,7 @@ EcGenerateKey ( IN OUT UINTN *PublicKeySize ) { - CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, PublicKeySize), FALSE); + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, PublicKeySize), FALSE, 13); } /** @@ -5538,7 +5543,7 @@ EcGetPubKey ( IN OUT UINTN *PublicKeySize ) { - CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, PublicKeySize), FALSE); + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, PublicKeySize), FALSE, 13); } /** @@ -5577,7 +5582,7 @@ EcDhComputeKey ( IN OUT UINTN *KeySize ) { - CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, PeerPublicSize, CompressFlag, Key, KeySize), FALSE); + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, PeerPublicSize, CompressFlag, Key, KeySize), FALSE, 13); } /** @@ -5604,7 +5609,7 @@ EcGetPublicKeyFromX509 ( OUT VOID **EcContext ) { - CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, EcContext), FALSE); + CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, EcContext), FALSE, 15); } /** @@ -5633,7 +5638,7 @@ EcGetPrivateKeyFromPem ( OUT VOID **EcContext ) { - CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, Password, EcContext), FALSE); + CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, Password, EcContext), FALSE, 15); } /** @@ -5676,7 +5681,7 @@ EcDsaSign ( IN OUT UINTN *SigSize ) { - CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, HashSize, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, HashSize, Signature, SigSize), FALSE, 15); } /** @@ -5713,5 +5718,5 @@ EcDsaVerify ( IN UINTN SigSize ) { - CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, HashSize, Signature, SigSize), FALSE); + CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, HashSize, Signature, SigSize), FALSE, 15); } diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c index dc7527bb01..fe9cdc0d4d 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c @@ -49,7 +49,6 @@ DxeCryptLibConstructor ( ) { EFI_STATUS Status; - UINTN Version; Status = gBS->LocateProtocol ( &gEdkiiCryptoProtocolGuid, @@ -65,13 +64,5 @@ DxeCryptLibConstructor ( return EFI_NOT_FOUND; } - Version = mCryptoProtocol->GetVersion (); - if (Version < EDKII_CRYPTO_VERSION) { - DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol unsupported version %d\n", Version)); - ASSERT (Version >= EDKII_CRYPTO_VERSION); - mCryptoProtocol = NULL; - return EFI_NOT_FOUND; - } - return EFI_SUCCESS; } diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c index 51f858302f..6ad1d3afe0 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c @@ -30,7 +30,6 @@ GetCryptoServices ( { EFI_STATUS Status; EDKII_CRYPTO_PPI *CryptoPpi; - UINTN Version; CryptoPpi = NULL; Status = PeiServicesLocatePpi ( @@ -46,12 +45,5 @@ GetCryptoServices ( return NULL; } - Version = CryptoPpi->GetVersion (); - if (Version < EDKII_CRYPTO_VERSION) { - DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported version %d\n", Version)); - ASSERT (Version >= EDKII_CRYPTO_VERSION); - return NULL; - } - return (VOID *)CryptoPpi; } diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c index be0f44e63b..6c7c75c8a7 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c @@ -52,7 +52,6 @@ SmmCryptLibConstructor ( ) { EFI_STATUS Status; - UINTN Version; Status = gSmst->SmmLocateProtocol ( &gEdkiiSmmCryptoProtocolGuid, @@ -67,13 +66,5 @@ SmmCryptLibConstructor ( return EFI_NOT_FOUND; } - Version = mSmmCryptoProtocol->GetVersion (); - if (Version < EDKII_CRYPTO_VERSION) { - DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol unsupported version %d\n", Version)); - ASSERT (Version >= EDKII_CRYPTO_VERSION); - mSmmCryptoProtocol = NULL; - return EFI_NOT_FOUND; - } - return EFI_SUCCESS; } -- 2.31.1.windows.1 ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible 2023-01-04 2:03 ` [edk2-devel] " Li, Yi @ 2023-01-06 10:06 ` Yao, Jiewen 2023-01-06 11:06 ` Li, Yi 0 siblings, 1 reply; 9+ messages in thread From: Yao, Jiewen @ 2023-01-06 10:06 UTC (permalink / raw) To: Li, Yi1, devel@edk2.groups.io Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Kinney, Michael D Thanks Yi. You raised a very interesting question. + Mike Kinney, to comment from the requirement perspective. The original design is very simple: CryptoBin.Version >= CryptoConsumer.Version. Now you want to handle the case that: CryptoConsumer.Version > CryptoBin.Version, but the CryptoConsumer.Api is already present in CryptoBin.Api. To me, the hidden assumption is that: As long as an API is present, it will be used. The version of the API is not cared. This is only TRUE, if you only care the API is present or absent. But it is NOT TRUE, if you care the implementation of API. Maybe the higher version of an API fixed some bug, or add some new features. I believe this is very dangerous downgrade. I don't recommend we do it. Mike, what do you think? Question to Yi: If you can upgrade the CryptoConsumer, why not upgrade the CryptoBin at the same time? Thank you Yao, Jiewen > -----Original Message----- > From: Li, Yi1 <yi1.li@intel.com> > Sent: Wednesday, January 4, 2023 10:03 AM > To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com> > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J > <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, > Guomin <guomin.jiang@intel.com> > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > Hi, any comments about this BZ and patch? > Code link: https://github.com/tianocore/edk2/pull/3787 > > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Li, Yi > Sent: Monday, December 19, 2022 2:24 PM > To: devel@edk2.groups.io > Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang, > Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, > Guomin <guomin.jiang@intel.com> > Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4197 > > Using older Crypto protocol will be allowed. > Each function wrapper will be annotated to require a minimum required > version of the crypto protocol and assert if called when the version is > not compatible. > Ths minimum version difined as the version when the API was introduced. > Details: > ///Parallel hash: MinVersion 8 > ParallelHash256HashAll, > /// HMAC SHA256 (continued): MinVersion 9 > HmacSha256All, > /// HMAC SHA384: MinVersion 9 > HmacSha384New, > ... > HmacSha384All, > /// HKDF (continued): MinVersion 10 > HkdfSha256Extract, > ... > HkdfSha384Expand, > /// Aead Aes GCM: MinVersion 11 > AeadAesGcmEncrypt, > AeadAesGcmDecrypt, > /// Big Numbers: MinVersion 12 > BigNumInit, > ... > BigNumAddMod, > /// EC: MinVersion 13 > EcGroupInit, > ... > EcDhComputeKey, > /// TLS (continued): MinVersion 14 > TlsShutdown, > ... > TlsGetExportKey, > /// Ec (Continued): MinVersion 15 > EcGetPublicKeyFromX509, > ... > EcDsaVerify, > /// X509 (Continued): MinVersion 16 > X509GetVersion, > ... > X509GetExtendedBasicConstraints > /// Others: MinVersion 7 > > Cc: Jiewen Yao <jiewen.yao@intel.com> > Cc: Jian J Wang <jian.j.wang@intel.com> > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> > Cc: Guomin Jiang <guomin.jiang@intel.com> > Signed-off-by: Yi Li <yi1.li@intel.com> > --- > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 449 +++++++++--------- > .../BaseCryptLibOnProtocolPpi/DxeCryptLib.c | 9 - > .../BaseCryptLibOnProtocolPpi/PeiCryptLib.c | 8 - > .../BaseCryptLibOnProtocolPpi/SmmCryptLib.c | 9 - > 4 files changed, 227 insertions(+), 248 deletions(-) > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > index 4e31bc278e..e470a0f0d4 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > @@ -24,18 +24,20 @@ > @param Args The argument list to pass to Function. > @param ErrorReturnValue The value to return if the protocol is NULL or > the > service in the protocol is NULL. > - > -**/ > -#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue) \ > - do { \ > - EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > - \ > - CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > - return (CryptoServices->Function) Args; \ > - } \ > - CryptoServiceNotAvailable (#Function); \ > - return ErrorReturnValue; \ > + @param MinVersion The minimum protocol version that supports the > API. > + > +**/ > +#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue, > MinVersion) \ > + do { \ > + EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > + \ > + CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ > + CryptoServices->GetVersion () >= MinVersion) { \ > + return (CryptoServices->Function) Args; \ > + } \ > + CryptoServiceNotAvailable (#Function); \ > + return ErrorReturnValue; \ > } while (FALSE); > > /** > @@ -45,14 +47,16 @@ > > @param Function Name of the EDK II Crypto Protocol service to call. > @param Args The argument list to pass to Function. > + @param MinVersion The minimum protocol version that supports the > API. > > **/ > -#define CALL_VOID_CRYPTO_SERVICE(Function, Args) \ > +#define CALL_VOID_CRYPTO_SERVICE(Function, Args, MinVersion) \ > do { \ > EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > \ > CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ > + CryptoServices->GetVersion () >= MinVersion) { \ > (CryptoServices->Function) Args; \ > return; \ > } \ > @@ -116,7 +120,7 @@ Md5GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0, 7); > } > > /** > @@ -139,7 +143,7 @@ Md5Init ( > OUT VOID *Md5Context > ) > { > - CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE); > + CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE, 7); > } > > /** > @@ -164,7 +168,7 @@ Md5Duplicate ( > OUT VOID *NewMd5Context > ) > { > - CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), > FALSE); > + CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), > FALSE, 7); > } > > /** > @@ -195,7 +199,7 @@ Md5Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), FALSE); > + CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), FALSE, > 7); > } > > /** > @@ -227,7 +231,7 @@ Md5Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE, 7); > } > > /** > @@ -256,7 +260,7 @@ Md5HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE, > 7); > } > > #endif > @@ -278,7 +282,7 @@ Sha1GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0, 7); > } > > /** > @@ -301,7 +305,7 @@ Sha1Init ( > OUT VOID *Sha1Context > ) > { > - CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE, 7); > } > > /** > @@ -326,7 +330,7 @@ Sha1Duplicate ( > OUT VOID *NewSha1Context > ) > { > - CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), > FALSE); > + CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), > FALSE, 7); > } > > /** > @@ -357,7 +361,7 @@ Sha1Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), FALSE, > 7); > } > > /** > @@ -389,7 +393,7 @@ Sha1Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE, 7); > } > > /** > @@ -418,7 +422,7 @@ Sha1HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE, > 7); > } > > #endif > @@ -435,7 +439,7 @@ Sha256GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0, 7); > } > > /** > @@ -456,7 +460,7 @@ Sha256Init ( > OUT VOID *Sha256Context > ) > { > - CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE, 7); > } > > /** > @@ -481,7 +485,7 @@ Sha256Duplicate ( > OUT VOID *NewSha256Context > ) > { > - CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > NewSha256Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > NewSha256Context), FALSE, 7); > } > > /** > @@ -510,7 +514,7 @@ Sha256Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), > FALSE, 7); > } > > /** > @@ -540,7 +544,7 @@ Sha256Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), FALSE, > 7); > } > > /** > @@ -569,7 +573,7 @@ Sha256HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > FALSE); > + CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > FALSE, 7); > } > > /** > @@ -584,7 +588,7 @@ Sha384GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0, 7); > } > > /** > @@ -605,7 +609,7 @@ Sha384Init ( > OUT VOID *Sha384Context > ) > { > - CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE, 7); > } > > /** > @@ -630,7 +634,7 @@ Sha384Duplicate ( > OUT VOID *NewSha384Context > ) > { > - CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > NewSha384Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > NewSha384Context), FALSE, 7); > } > > /** > @@ -659,7 +663,7 @@ Sha384Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), > FALSE, 7); > } > > /** > @@ -689,7 +693,7 @@ Sha384Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), FALSE, > 7); > } > > /** > @@ -718,7 +722,7 @@ Sha384HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > FALSE); > + CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > FALSE, 7); > } > > /** > @@ -733,7 +737,7 @@ Sha512GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0, 7); > } > > /** > @@ -754,7 +758,7 @@ Sha512Init ( > OUT VOID *Sha512Context > ) > { > - CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE, 7); > } > > /** > @@ -779,7 +783,7 @@ Sha512Duplicate ( > OUT VOID *NewSha512Context > ) > { > - CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > NewSha512Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > NewSha512Context), FALSE, 7); > } > > /** > @@ -808,7 +812,7 @@ Sha512Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), > FALSE, 7); > } > > /** > @@ -838,7 +842,7 @@ Sha512Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), FALSE, > 7); > } > > /** > @@ -867,7 +871,7 @@ Sha512HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > FALSE); > + CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > FALSE, 7); > } > > /** > @@ -899,7 +903,7 @@ ParallelHash256HashAll ( > IN UINTN CustomByteLen > ) > { > - CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE); > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE, 8); > } > > /** > @@ -914,7 +918,7 @@ Sm3GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0, 7); > } > > /** > @@ -935,7 +939,7 @@ Sm3Init ( > OUT VOID *Sm3Context > ) > { > - CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE); > + CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE, 7); > } > > /** > @@ -960,7 +964,7 @@ Sm3Duplicate ( > OUT VOID *NewSm3Context > ) > { > - CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > FALSE); > + CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > FALSE, 7); > } > > /** > @@ -989,7 +993,7 @@ Sm3Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), FALSE); > + CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), FALSE, > 7); > } > > /** > @@ -1019,7 +1023,7 @@ Sm3Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE, 7); > } > > /** > @@ -1048,7 +1052,7 @@ Sm3HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE, > 7); > } > > // > ================================================================ > ===================== > @@ -1068,7 +1072,7 @@ HmacSha256New ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL); > + CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL, 7); > } > > /** > @@ -1083,7 +1087,7 @@ HmacSha256Free ( > IN VOID *HmacSha256Ctx > ) > { > - CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx)); > + CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx), 7); > } > > /** > @@ -1110,7 +1114,7 @@ HmacSha256SetKey ( > IN UINTN KeySize > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > KeySize), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > KeySize), FALSE, 7); > } > > /** > @@ -1135,7 +1139,7 @@ HmacSha256Duplicate ( > OUT VOID *NewHmacSha256Context > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > NewHmacSha256Context), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > NewHmacSha256Context), FALSE, 7); > } > > /** > @@ -1166,7 +1170,7 @@ HmacSha256Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, Data, > DataSize), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, Data, > DataSize), FALSE, 7); > } > > /** > @@ -1198,7 +1202,7 @@ HmacSha256Final ( > OUT UINT8 *HmacValue > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > HmacValue), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > HmacValue), FALSE, 7); > } > > /** > @@ -1231,7 +1235,7 @@ HmacSha256All ( > OUT UINT8 *HmacValue > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE, 9); > } > > /** > @@ -1247,7 +1251,7 @@ HmacSha384New ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); > + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL, 9); > } > > /** > @@ -1262,7 +1266,7 @@ HmacSha384Free ( > IN VOID *HmacSha384Ctx > ) > { > - CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); > + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx), 9); > } > > /** > @@ -1289,7 +1293,7 @@ HmacSha384SetKey ( > IN UINTN KeySize > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > KeySize), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > KeySize), FALSE, 9); > } > > /** > @@ -1314,7 +1318,7 @@ HmacSha384Duplicate ( > OUT VOID *NewHmacSha384Context > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > NewHmacSha384Context), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > NewHmacSha384Context), FALSE, 9); > } > > /** > @@ -1345,7 +1349,7 @@ HmacSha384Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, > DataSize), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, > DataSize), FALSE, 9); > } > > /** > @@ -1377,7 +1381,7 @@ HmacSha384Final ( > OUT UINT8 *HmacValue > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > HmacValue), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > HmacValue), FALSE, 9); > } > > /** > @@ -1410,7 +1414,7 @@ HmacSha384All ( > OUT UINT8 *HmacValue > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE, 9); > } > > // > ================================================================ > ===================== > @@ -1432,7 +1436,7 @@ AesGetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0, 7); > } > > /** > @@ -1465,7 +1469,7 @@ AesInit ( > IN UINTN KeyLength > ) > { > - CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE); > + CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE, 7); > } > > /** > @@ -1507,7 +1511,7 @@ AesCbcEncrypt ( > OUT UINT8 *Output > ) > { > - CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, Ivec, > Output), FALSE); > + CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, Ivec, > Output), FALSE, 7); > } > > /** > @@ -1549,7 +1553,7 @@ AesCbcDecrypt ( > OUT UINT8 *Output > ) > { > - CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, > Output), FALSE); > + CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > Ivec, Output), FALSE, 7); > } > > // > ================================================================ > ===================== > @@ -1597,7 +1601,7 @@ AeadAesGcmEncrypt ( > OUT UINTN *DataOutSize > ) > { > - CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > DataOutSize), FALSE); > + CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > DataOutSize), FALSE, 11); > } > > /** > @@ -1642,7 +1646,7 @@ AeadAesGcmDecrypt ( > OUT UINTN *DataOutSize > ) > { > - CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), > FALSE); > + CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), > FALSE, 11); > } > > // > ================================================================ > ===================== > @@ -1662,7 +1666,7 @@ RsaNew ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (RsaNew, (), NULL); > + CALL_CRYPTO_SERVICE (RsaNew, (), NULL, 7); > } > > /** > @@ -1679,7 +1683,7 @@ RsaFree ( > IN VOID *RsaContext > ) > { > - CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext)); > + CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext), 7); > } > > /** > @@ -1713,7 +1717,7 @@ RsaSetKey ( > IN UINTN BnSize > ) > { > - CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > BnSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > BnSize), FALSE, 7); > } > > /** > @@ -1753,7 +1757,7 @@ RsaGetKey ( > IN OUT UINTN *BnSize > ) > { > - CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > BnSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > BnSize), FALSE, 7); > } > > /** > @@ -1788,7 +1792,7 @@ RsaGenerateKey ( > IN UINTN PublicExponentSize > ) > { > - CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > PublicExponent, PublicExponentSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > PublicExponent, PublicExponentSize), FALSE, 7); > } > > /** > @@ -1818,7 +1822,7 @@ RsaCheckKey ( > IN VOID *RsaContext > ) > { > - CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE); > + CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE, 7); > } > > /** > @@ -1858,7 +1862,7 @@ RsaPkcs1Sign ( > IN OUT UINTN *SigSize > ) > { > - CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > HashSize, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > HashSize, Signature, SigSize), FALSE, 7); > } > > /** > @@ -1890,7 +1894,7 @@ RsaPkcs1Verify ( > IN UINTN SigSize > ) > { > - CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > HashSize, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > HashSize, Signature, SigSize), FALSE, 7); > } > > /** > @@ -1923,7 +1927,7 @@ RsaPssVerify ( > IN UINT16 SaltLen > ) > { > - CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > Signature, SigSize, DigestLen, SaltLen), FALSE); > + CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > Signature, SigSize, DigestLen, SaltLen), FALSE, 7); > } > > /** > @@ -1968,7 +1972,7 @@ RsaPssSign ( > IN OUT UINTN *SigSize > ) > { > - CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > DigestLen, SaltLen, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > DigestLen, SaltLen, Signature, SigSize), FALSE, 7); > } > > /** > @@ -1999,7 +2003,7 @@ RsaGetPrivateKeyFromPem ( > OUT VOID **RsaContext > ) > { > - CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, > Password, RsaContext), FALSE); > + CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, > Password, RsaContext), FALSE, 7); > } > > /** > @@ -2028,7 +2032,7 @@ RsaGetPublicKeyFromX509 ( > OUT VOID **RsaContext > ) > { > - CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > RsaContext), FALSE); > + CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > RsaContext), FALSE, 7); > } > > /** > @@ -2059,7 +2063,7 @@ X509GetSubjectName ( > IN OUT UINTN *SubjectSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, CertSubject, > SubjectSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, CertSubject, > SubjectSize), FALSE, 7); > } > > /** > @@ -2097,7 +2101,7 @@ X509GetCommonName ( > IN OUT UINTN *CommonNameSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > CommonName, CommonNameSize), RETURN_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > CommonName, CommonNameSize), RETURN_UNSUPPORTED, 7); > } > > /** > @@ -2135,7 +2139,7 @@ X509GetOrganizationName ( > IN OUT UINTN *NameBufferSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED, 7); > } > > /** > @@ -2165,7 +2169,7 @@ X509VerifyCert ( > IN UINTN CACertSize > ) > { > - CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > CACertSize), FALSE); > + CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > CACertSize), FALSE, 7); > } > > /** > @@ -2192,7 +2196,7 @@ X509ConstructCertificate ( > OUT UINT8 **SingleX509Cert > ) > { > - CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > SingleX509Cert), FALSE); > + CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > SingleX509Cert), FALSE, 7); > } > > /** > @@ -2256,7 +2260,7 @@ X509ConstructCertificateStackV ( > IN VA_LIST Args > ) > { > - CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, Args), > FALSE); > + CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, Args), > FALSE, 7); > } > > /** > @@ -2273,7 +2277,7 @@ X509Free ( > IN VOID *X509Cert > ) > { > - CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert)); > + CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert), 7); > } > > /** > @@ -2290,7 +2294,7 @@ X509StackFree ( > IN VOID *X509Stack > ) > { > - CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack)); > + CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack), 7); > } > > /** > @@ -2319,7 +2323,7 @@ X509GetTBSCert ( > OUT UINTN *TBSCertSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > TBSCertSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > TBSCertSize), FALSE, 7); > } > > /** > @@ -2346,7 +2350,7 @@ X509GetVersion ( > OUT UINTN *Version > ) > { > - CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE); > + CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE, > 16); > } > > /** > @@ -2381,7 +2385,7 @@ X509GetSerialNumber ( > IN OUT UINTN *SerialNumberSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > SerialNumber, SerialNumberSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > SerialNumber, SerialNumberSize), FALSE, 16); > } > > /** > @@ -2412,7 +2416,7 @@ X509GetIssuerName ( > IN OUT UINTN *CertIssuerSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, > CertIssuerSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, > CertIssuerSize), FALSE, 16); > } > > /** > @@ -2442,7 +2446,7 @@ X509GetSignatureAlgorithm ( > IN OUT UINTN *OidSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, > OidSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, > OidSize), FALSE, 16); > } > > /** > @@ -2476,7 +2480,7 @@ X509GetExtensionData ( > IN OUT UINTN *ExtensionDataSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > OidSize, ExtensionData, ExtensionDataSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > OidSize, ExtensionData, ExtensionDataSize), FALSE, 16); > } > > /** > @@ -2505,7 +2509,7 @@ X509GetExtendedKeyUsage ( > IN OUT UINTN *UsageSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, Usage, > UsageSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, Usage, > UsageSize), FALSE, 16); > } > > /** > @@ -2540,7 +2544,7 @@ X509GetValidity ( > IN OUT UINTN *ToSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, > To, ToSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, > To, ToSize), FALSE, 16); > } > > /** > @@ -2574,7 +2578,7 @@ X509FormatDateTime ( > IN OUT UINTN *DateTimeSize > ) > { > - CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > DateTimeSize), FALSE); > + CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > DateTimeSize), FALSE, 16); > } > > /** > @@ -2600,7 +2604,7 @@ X509CompareDateTime ( > IN CONST VOID *DateTime2 > ) > { > - CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, DateTime2), > FALSE); > + CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, DateTime2), > FALSE, 16); > } > > /** > @@ -2622,7 +2626,7 @@ X509GetKeyUsage ( > OUT UINTN *Usage > ) > { > - CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE); > + CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE, > 16); > } > > /** > @@ -2650,7 +2654,7 @@ X509VerifyCertChain ( > IN UINTN CertChainLength > ) > { > - CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, > CertChain, CertChainLength), FALSE); > + CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, > CertChain, CertChainLength), FALSE, 16); > } > > /** > @@ -2681,7 +2685,7 @@ X509GetCertFromCertChain ( > OUT UINTN *CertLength > ) > { > - CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > CertChainLength, CertIndex, Cert, CertLength), FALSE); > + CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > CertChainLength, CertIndex, Cert, CertLength), FALSE, 16); > } > > /** > @@ -2704,7 +2708,7 @@ Asn1GetTag ( > IN UINT32 Tag > ) > { > - CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE); > + CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE, 16); > } > > /** > @@ -2734,7 +2738,7 @@ X509GetExtendedBasicConstraints ( > UINTN *BasicConstraintsSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, CertSize, > BasicConstraints, BasicConstraintsSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, CertSize, > BasicConstraints, BasicConstraintsSize), FALSE, 16); > } > > /** > @@ -2777,7 +2781,7 @@ Pkcs5HashPassword ( > OUT UINT8 *OutKey > ) > { > - CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, Password, > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, Password, > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE, 7); > } > > /** > @@ -2822,7 +2826,7 @@ Pkcs1v2Encrypt ( > OUT UINTN *EncryptedDataSize > ) > { > - CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > FALSE, 7); > } > > /** > @@ -2862,7 +2866,7 @@ Pkcs7GetSigners ( > OUT UINTN *CertLength > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > StackLength, TrustedCert, CertLength), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > StackLength, TrustedCert, CertLength), FALSE, 7); > } > > /** > @@ -2879,7 +2883,7 @@ Pkcs7FreeSigners ( > IN UINT8 *Certs > ) > { > - CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs)); > + CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs), 7); > } > > /** > @@ -2915,7 +2919,7 @@ Pkcs7GetCertificatesList ( > OUT UINTN *UnchainLength > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE, 7); > } > > /** > @@ -2959,7 +2963,7 @@ Pkcs7Sign ( > OUT UINTN *SignedDataSize > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > SignedDataSize), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > SignedDataSize), FALSE, 7); > } > > /** > @@ -2995,7 +2999,7 @@ Pkcs7Verify ( > IN UINTN DataLength > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > CertLength, InData, DataLength), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > CertLength, InData, DataLength), FALSE, 7); > } > > /** > @@ -3040,7 +3044,7 @@ VerifyEKUsInPkcs7Signature ( > IN BOOLEAN RequireAllPresent > ) > { > - CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE); > + CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE, > 7); > } > > /** > @@ -3072,7 +3076,7 @@ Pkcs7GetAttachedContent ( > OUT UINTN *ContentSize > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > Content, ContentSize), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > Content, ContentSize), FALSE, 7); > } > > /** > @@ -3110,7 +3114,7 @@ AuthenticodeVerify ( > IN UINTN HashSize > ) > { > - CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > TrustedCert, CertSize, ImageHash, HashSize), FALSE); > + CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > TrustedCert, CertSize, ImageHash, HashSize), FALSE, 7); > } > > /** > @@ -3143,7 +3147,7 @@ ImageTimestampVerify ( > OUT EFI_TIME *SigningTime > ) > { > - CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > TsaCert, CertSize, SigningTime), FALSE); > + CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > TsaCert, CertSize, SigningTime), FALSE, 7); > } > > // > ================================================================ > ===================== > @@ -3164,7 +3168,7 @@ DhNew ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (DhNew, (), NULL); > + CALL_CRYPTO_SERVICE (DhNew, (), NULL, 7); > } > > /** > @@ -3181,7 +3185,7 @@ DhFree ( > IN VOID *DhContext > ) > { > - CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext)); > + CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext), 7); > } > > /** > @@ -3217,7 +3221,7 @@ DhGenerateParameter ( > OUT UINT8 *Prime > ) > { > - CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > PrimeLength, Prime), FALSE); > + CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > PrimeLength, Prime), FALSE, 7); > } > > /** > @@ -3252,7 +3256,7 @@ DhSetParameter ( > IN CONST UINT8 *Prime > ) > { > - CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > PrimeLength, Prime), FALSE); > + CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > PrimeLength, Prime), FALSE, 7); > } > > /** > @@ -3287,7 +3291,7 @@ DhGenerateKey ( > IN OUT UINTN *PublicKeySize > ) > { > - CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > PublicKeySize), FALSE); > + CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > PublicKeySize), FALSE, 7); > } > > /** > @@ -3326,7 +3330,7 @@ DhComputeKey ( > IN OUT UINTN *KeySize > ) > { > - CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > PeerPublicKeySize, Key, KeySize), FALSE); > + CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > PeerPublicKeySize, Key, KeySize), FALSE, 7); > } > > // > ================================================================ > ===================== > @@ -3358,7 +3362,7 @@ RandomSeed ( > IN UINTN SeedSize > ) > { > - CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE); > + CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE, 7); > } > > /** > @@ -3382,7 +3386,7 @@ RandomBytes ( > IN UINTN Size > ) > { > - CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); > + CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE, 7); > } > > // > ================================================================ > ===================== > @@ -3418,7 +3422,7 @@ HkdfSha256ExtractAndExpand ( > IN UINTN OutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, Salt, > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, Salt, > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 7); > } > > /** > @@ -3446,7 +3450,7 @@ HkdfSha256Extract ( > UINTN PrkOutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > PrkOut, PrkOutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > PrkOut, PrkOutSize), FALSE, 10); > } > > /** > @@ -3474,7 +3478,7 @@ HkdfSha256Expand ( > IN UINTN OutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, > Out, OutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, > Out, OutSize), FALSE, 10); > } > > /** > @@ -3506,7 +3510,7 @@ HkdfSha384ExtractAndExpand ( > IN UINTN OutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, Salt, > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, Salt, > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 10); > } > > /** > @@ -3534,7 +3538,7 @@ HkdfSha384Extract ( > UINTN PrkOutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > PrkOut, PrkOutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > PrkOut, PrkOutSize), FALSE, 10); > } > > /** > @@ -3562,7 +3566,7 @@ HkdfSha384Expand ( > IN UINTN OutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, > Out, OutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, > Out, OutSize), FALSE, 10); > } > > /** > @@ -3582,7 +3586,7 @@ TlsInitialize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE); > + CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE, 7); > } > > /** > @@ -3597,7 +3601,7 @@ TlsCtxFree ( > IN VOID *TlsCtx > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx)); > + CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx), 7); > } > > /** > @@ -3618,7 +3622,7 @@ TlsCtxNew ( > IN UINT8 MinorVer > ) > { > - CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL); > + CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL, 7); > } > > /** > @@ -3636,7 +3640,7 @@ TlsFree ( > IN VOID *Tls > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls)); > + CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls), 7); > } > > /** > @@ -3658,7 +3662,7 @@ TlsNew ( > IN VOID *TlsCtx > ) > { > - CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL); > + CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL, 7); > } > > /** > @@ -3678,7 +3682,7 @@ TlsInHandshake ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE); > + CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE, 7); > } > > /** > @@ -3717,7 +3721,7 @@ TlsDoHandshake ( > IN OUT UINTN *BufferOutSize > ) > { > - CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > } > > /** > @@ -3755,7 +3759,7 @@ TlsHandleAlert ( > IN OUT UINTN *BufferOutSize > ) > { > - CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > } > > /** > @@ -3784,7 +3788,7 @@ TlsCloseNotify ( > IN OUT UINTN *BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -3809,7 +3813,7 @@ TlsCtrlTrafficOut ( > IN UINTN BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0); > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0, 7); > } > > /** > @@ -3834,7 +3838,7 @@ TlsCtrlTrafficIn ( > IN UINTN BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0); > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0, 7); > } > > /** > @@ -3860,7 +3864,7 @@ TlsRead ( > IN UINTN BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0); > + CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0, 7); > } > > /** > @@ -3886,7 +3890,7 @@ TlsWrite ( > IN UINTN BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0); > + CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0, 7); > } > > /** > @@ -3908,7 +3912,7 @@ TlsShutdown ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED, 14); > } > > /** > @@ -3933,7 +3937,7 @@ TlsSetVersion ( > IN UINT8 MinorVer > ) > { > - CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -3956,7 +3960,7 @@ TlsSetConnectionEnd ( > IN BOOLEAN IsServer > ) > { > - CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -3985,7 +3989,7 @@ TlsSetCipherList ( > IN UINTN CipherNum > ) > { > - CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4006,7 +4010,7 @@ TlsSetCompressionMethod ( > IN UINT8 CompMethod > ) > { > - CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4025,7 +4029,7 @@ TlsSetVerify ( > IN UINT32 VerifyMode > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode)); > + CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode), 7); > } > > /** > @@ -4048,7 +4052,7 @@ TlsSetVerifyHost ( > IN CHAR8 *HostName > ) > { > - CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4074,7 +4078,7 @@ TlsSetSessionId ( > IN UINT16 SessionIdLen > ) > { > - CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4102,7 +4106,7 @@ TlsSetCaCertificate ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4130,7 +4134,7 @@ TlsSetHostPublicCert ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4160,7 +4164,7 @@ TlsSetHostPrivateKeyEx ( > IN VOID *Password OPTIONAL > ) > { > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > Password), EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > Password), EFI_UNSUPPORTED, 14); > } > > /** > @@ -4187,7 +4191,7 @@ TlsSetHostPrivateKey ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 14); > } > > /** > @@ -4211,7 +4215,7 @@ TlsSetCertRevocationList ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4239,7 +4243,7 @@ TlsSetSignatureAlgoList ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 14); > } > > /** > @@ -4264,7 +4268,7 @@ TlsSetEcCurve ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetEcCurve, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 14); > } > > /** > @@ -4286,7 +4290,7 @@ TlsGetVersion ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0); > + CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0, 7); > } > > /** > @@ -4308,7 +4312,7 @@ TlsGetConnectionEnd ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0); > + CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0, 7); > } > > /** > @@ -4332,7 +4336,7 @@ TlsGetCurrentCipher ( > IN OUT UINT16 *CipherId > ) > { > - CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4358,7 +4362,7 @@ TlsGetCurrentCompressionId ( > IN OUT UINT8 *CompressionId > ) > { > - CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, CompressionId), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > CompressionId), EFI_UNSUPPORTED, 7); > } > > /** > @@ -4380,7 +4384,7 @@ TlsGetVerify ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0); > + CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0, 7); > } > > /** > @@ -4406,7 +4410,7 @@ TlsGetSessionId ( > IN OUT UINT16 *SessionIdLen > ) > { > - CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4427,7 +4431,7 @@ TlsGetClientRandom ( > IN OUT UINT8 *ClientRandom > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom)); > + CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom), > 7); > } > > /** > @@ -4448,7 +4452,7 @@ TlsGetServerRandom ( > IN OUT UINT8 *ServerRandom > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, ServerRandom)); > + CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, ServerRandom), > 7); > } > > /** > @@ -4472,7 +4476,7 @@ TlsGetKeyMaterial ( > IN OUT UINT8 *KeyMaterial > ) > { > - CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4499,7 +4503,7 @@ TlsGetCaCertificate ( > IN OUT UINTN *DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4527,7 +4531,7 @@ TlsGetHostPublicCert ( > IN OUT UINTN *DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4554,7 +4558,7 @@ TlsGetHostPrivateKey ( > IN OUT UINTN *DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4579,7 +4583,7 @@ TlsGetCertRevocationList ( > IN OUT UINTN *DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4615,7 +4619,8 @@ TlsGetExportKey ( > TlsGetExportKey, > (Tls, Label, Context, ContextLen, > KeyBuffer, KeyBufferLen), > - EFI_UNSUPPORTED > + EFI_UNSUPPORTED, > + 14 > ); > } > > @@ -4634,7 +4639,7 @@ BigNumInit ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); > + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL, 12); > } > > /** > @@ -4652,7 +4657,7 @@ BigNumFromBin ( > IN UINTN Len > ) > { > - CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); > + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL, 12); > } > > /** > @@ -4671,7 +4676,7 @@ BigNumToBin ( > OUT UINT8 *Buf > ) > { > - CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); > + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1, 12); > } > > /** > @@ -4687,7 +4692,7 @@ BigNumFree ( > IN BOOLEAN Clear > ) > { > - CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); > + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear), 12); > } > > /** > @@ -4710,7 +4715,7 @@ BigNumAdd ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE, 12); > } > > /** > @@ -4733,7 +4738,7 @@ BigNumSub ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE, 12); > } > > /** > @@ -4756,7 +4761,7 @@ BigNumMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE, 12); > } > > /** > @@ -4781,7 +4786,7 @@ BigNumExpMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE, > 12); > } > > /** > @@ -4804,7 +4809,7 @@ BigNumInverseMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE, > 12); > } > > /** > @@ -4827,7 +4832,7 @@ BigNumDiv ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE, 12); > } > > /** > @@ -4852,7 +4857,7 @@ BigNumMulMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), FALSE, > 12); > } > > /** > @@ -4872,7 +4877,7 @@ BigNumCmp ( > IN CONST VOID *BnB > ) > { > - CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); > + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0, 12); > } > > /** > @@ -4888,7 +4893,7 @@ BigNumBits ( > IN CONST VOID *Bn > ) > { > - CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); > + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0, 12); > } > > /** > @@ -4904,7 +4909,7 @@ BigNumBytes ( > IN CONST VOID *Bn > ) > { > - CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); > + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0, 12); > } > > /** > @@ -4923,7 +4928,7 @@ BigNumIsWord ( > IN UINTN Num > ) > { > - CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); > + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE, 12); > } > > /** > @@ -4940,7 +4945,7 @@ BigNumIsOdd ( > IN CONST VOID *Bn > ) > { > - CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); > + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE, 12); > } > > /** > @@ -4959,7 +4964,7 @@ BigNumCopy ( > IN CONST VOID *BnSrc > ) > { > - CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); > + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL, 12); > } > > /** > @@ -4974,7 +4979,7 @@ BigNumValueOne ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); > + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL, 12); > } > > /** > @@ -4997,7 +5002,7 @@ BigNumRShift ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE, 12); > } > > /** > @@ -5013,7 +5018,7 @@ BigNumConstTime ( > IN VOID *Bn > ) > { > - CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn)); > + CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn), 12); > } > > /** > @@ -5036,7 +5041,7 @@ BigNumSqrMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE, 12); > } > > /** > @@ -5052,7 +5057,7 @@ BigNumNewContext ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); > + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL, 12); > } > > /** > @@ -5066,7 +5071,7 @@ BigNumContextFree ( > IN VOID *BnCtx > ) > { > - CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); > + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx), 12); > } > > /** > @@ -5085,7 +5090,7 @@ BigNumSetUint ( > IN UINTN Val > ) > { > - CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE); > + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE, 12); > } > > /** > @@ -5108,7 +5113,7 @@ BigNumAddMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE, > 12); > } > > /** > @@ -5128,7 +5133,7 @@ EcGroupInit ( > IN UINTN CryptoNid > ) > { > - CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); > + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL, 13); > } > > /** > @@ -5156,7 +5161,7 @@ EcGroupGetCurve ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, > BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, > BnCtx), FALSE, 13); > } > > /** > @@ -5178,7 +5183,7 @@ EcGroupGetOrder ( > OUT VOID *BnOrder > ) > { > - CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE); > + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE, 13); > } > > /** > @@ -5192,7 +5197,7 @@ EcGroupFree ( > IN VOID *EcGroup > ) > { > - CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); > + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup), 13); > } > > /** > @@ -5210,7 +5215,7 @@ EcPointInit ( > IN CONST VOID *EcGroup > ) > { > - CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); > + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL, 13); > } > > /** > @@ -5226,7 +5231,7 @@ EcPointDeInit ( > IN BOOLEAN Clear > ) > { > - CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); > + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear), 13); > } > > /** > @@ -5254,7 +5259,7 @@ EcPointGetAffineCoordinates ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, > BnX, BnY, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, > BnX, BnY, BnCtx), FALSE, 13); > } > > /** > @@ -5279,7 +5284,7 @@ EcPointSetAffineCoordinates ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, > BnX, BnY, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, > BnX, BnY, BnCtx), FALSE, 13); > } > > /** > @@ -5305,7 +5310,7 @@ EcPointAdd ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > EcPointB, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > EcPointB, BnCtx), FALSE, 13); > } > > /** > @@ -5331,7 +5336,7 @@ EcPointMul ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > BnPScalar, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > BnPScalar, BnCtx), FALSE, 13); > } > > /** > @@ -5352,7 +5357,7 @@ EcPointInvert ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE, > 13); > } > > /** > @@ -5373,7 +5378,7 @@ EcPointIsOnCurve ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > FALSE); > + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > FALSE, 13); > } > > /** > @@ -5392,7 +5397,7 @@ EcPointIsAtInfinity ( > IN CONST VOID *EcPoint > ) > { > - CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE); > + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE, 13); > } > > /** > @@ -5415,7 +5420,7 @@ EcPointEqual ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > BnCtx), FALSE, 13); > } > > /** > @@ -5445,7 +5450,7 @@ EcPointSetCompressedCoordinates ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > EcPoint, BnX, YBit, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > EcPoint, BnX, YBit, BnCtx), FALSE, 13); > } > > /** > @@ -5462,7 +5467,7 @@ EcNewByNid ( > IN UINTN Nid > ) > { > - CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); > + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL, 13); > } > > /** > @@ -5476,7 +5481,7 @@ EcFree ( > IN VOID *EcContext > ) > { > - CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); > + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext), 13); > } > > /** > @@ -5513,7 +5518,7 @@ EcGenerateKey ( > IN OUT UINTN *PublicKeySize > ) > { > - CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > PublicKeySize), FALSE); > + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > PublicKeySize), FALSE, 13); > } > > /** > @@ -5538,7 +5543,7 @@ EcGetPubKey ( > IN OUT UINTN *PublicKeySize > ) > { > - CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, PublicKeySize), > FALSE); > + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > PublicKeySize), FALSE, 13); > } > > /** > @@ -5577,7 +5582,7 @@ EcDhComputeKey ( > IN OUT UINTN *KeySize > ) > { > - CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > PeerPublicSize, CompressFlag, Key, KeySize), FALSE); > + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > PeerPublicSize, CompressFlag, Key, KeySize), FALSE, 13); > } > > /** > @@ -5604,7 +5609,7 @@ EcGetPublicKeyFromX509 ( > OUT VOID **EcContext > ) > { > - CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > EcContext), FALSE); > + CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > EcContext), FALSE, 15); > } > > /** > @@ -5633,7 +5638,7 @@ EcGetPrivateKeyFromPem ( > OUT VOID **EcContext > ) > { > - CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > Password, EcContext), FALSE); > + CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > Password, EcContext), FALSE, 15); > } > > /** > @@ -5676,7 +5681,7 @@ EcDsaSign ( > IN OUT UINTN *SigSize > ) > { > - CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > HashSize, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > HashSize, Signature, SigSize), FALSE, 15); > } > > /** > @@ -5713,5 +5718,5 @@ EcDsaVerify ( > IN UINTN SigSize > ) > { > - CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, > HashSize, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, > HashSize, Signature, SigSize), FALSE, 15); > } > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > index dc7527bb01..fe9cdc0d4d 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > @@ -49,7 +49,6 @@ DxeCryptLibConstructor ( > ) > { > EFI_STATUS Status; > - UINTN Version; > > Status = gBS->LocateProtocol ( > &gEdkiiCryptoProtocolGuid, > @@ -65,13 +64,5 @@ DxeCryptLibConstructor ( > return EFI_NOT_FOUND; > } > > - Version = mCryptoProtocol->GetVersion (); > - if (Version < EDKII_CRYPTO_VERSION) { > - DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol unsupported > version %d\n", Version)); > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > - mCryptoProtocol = NULL; > - return EFI_NOT_FOUND; > - } > - > return EFI_SUCCESS; > } > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > index 51f858302f..6ad1d3afe0 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > @@ -30,7 +30,6 @@ GetCryptoServices ( > { > EFI_STATUS Status; > EDKII_CRYPTO_PPI *CryptoPpi; > - UINTN Version; > > CryptoPpi = NULL; > Status = PeiServicesLocatePpi ( > @@ -46,12 +45,5 @@ GetCryptoServices ( > return NULL; > } > > - Version = CryptoPpi->GetVersion (); > - if (Version < EDKII_CRYPTO_VERSION) { > - DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported > version %d\n", Version)); > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > - return NULL; > - } > - > return (VOID *)CryptoPpi; > } > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > index be0f44e63b..6c7c75c8a7 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > @@ -52,7 +52,6 @@ SmmCryptLibConstructor ( > ) > { > EFI_STATUS Status; > - UINTN Version; > > Status = gSmst->SmmLocateProtocol ( > &gEdkiiSmmCryptoProtocolGuid, > @@ -67,13 +66,5 @@ SmmCryptLibConstructor ( > return EFI_NOT_FOUND; > } > > - Version = mSmmCryptoProtocol->GetVersion (); > - if (Version < EDKII_CRYPTO_VERSION) { > - DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol > unsupported version %d\n", Version)); > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > - mSmmCryptoProtocol = NULL; > - return EFI_NOT_FOUND; > - } > - > return EFI_SUCCESS; > } > -- > 2.31.1.windows.1 > > > > > ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible 2023-01-06 10:06 ` Yao, Jiewen @ 2023-01-06 11:06 ` Li, Yi 2023-01-06 11:21 ` Yao, Jiewen [not found] ` <1737B458A2E4874C.7095@groups.io> 0 siblings, 2 replies; 9+ messages in thread From: Li, Yi @ 2023-01-06 11:06 UTC (permalink / raw) To: Yao, Jiewen, devel@edk2.groups.io Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Kinney, Michael D Hi Jiewen, Thanks for feedback. >If you can upgrade the CryptoConsumer, why not upgrade the CryptoBin at the same time? 1. CryptoConsumer and CryptoBin are usually delivered by different people. For example, some features that require CryptoBin are responsible for by an independent team, but Cyptobin is responsible for the platform as part of the platform firmware. 2. In the actual development process, the update of CryptoBin is often difficult due to reasons such as binary size or freeze of platform code, especially on older platforms, which will cause the feature development team to have to maintain multiple feature versions based on different EDK2 CyptoPkg. > But it is NOT TRUE, if you care the implementation of API. Maybe the higher version of an API fixed some bug, or add some new features. Perhaps we can ask developers to update the minimum version of CyptoAPI after bug or security fixes. Thanks, Yi -----Original Message----- From: Yao, Jiewen <jiewen.yao@intel.com> Sent: Friday, January 6, 2023 6:06 PM To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com> Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible Thanks Yi. You raised a very interesting question. + Mike Kinney, to comment from the requirement perspective. The original design is very simple: CryptoBin.Version >= CryptoConsumer.Version. Now you want to handle the case that: CryptoConsumer.Version > CryptoBin.Version, but the CryptoConsumer.Api is already present in CryptoBin.Api. To me, the hidden assumption is that: As long as an API is present, it will be used. The version of the API is not cared. This is only TRUE, if you only care the API is present or absent. But it is NOT TRUE, if you care the implementation of API. Maybe the higher version of an API fixed some bug, or add some new features. I believe this is very dangerous downgrade. I don't recommend we do it. Mike, what do you think? Question to Yi: If you can upgrade the CryptoConsumer, why not upgrade the CryptoBin at the same time? Thank you Yao, Jiewen > -----Original Message----- > From: Li, Yi1 <yi1.li@intel.com> > Sent: Wednesday, January 4, 2023 10:03 AM > To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com> > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J > <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, > Guomin <guomin.jiang@intel.com> > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > Hi, any comments about this BZ and patch? > Code link: https://github.com/tianocore/edk2/pull/3787 > > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Li, Yi > Sent: Monday, December 19, 2022 2:24 PM > To: devel@edk2.groups.io > Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang, > Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, > Guomin <guomin.jiang@intel.com> > Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4197 > > Using older Crypto protocol will be allowed. > Each function wrapper will be annotated to require a minimum required > version of the crypto protocol and assert if called when the version is > not compatible. > Ths minimum version difined as the version when the API was introduced. > Details: > ///Parallel hash: MinVersion 8 > ParallelHash256HashAll, > /// HMAC SHA256 (continued): MinVersion 9 > HmacSha256All, > /// HMAC SHA384: MinVersion 9 > HmacSha384New, > ... > HmacSha384All, > /// HKDF (continued): MinVersion 10 > HkdfSha256Extract, > ... > HkdfSha384Expand, > /// Aead Aes GCM: MinVersion 11 > AeadAesGcmEncrypt, > AeadAesGcmDecrypt, > /// Big Numbers: MinVersion 12 > BigNumInit, > ... > BigNumAddMod, > /// EC: MinVersion 13 > EcGroupInit, > ... > EcDhComputeKey, > /// TLS (continued): MinVersion 14 > TlsShutdown, > ... > TlsGetExportKey, > /// Ec (Continued): MinVersion 15 > EcGetPublicKeyFromX509, > ... > EcDsaVerify, > /// X509 (Continued): MinVersion 16 > X509GetVersion, > ... > X509GetExtendedBasicConstraints > /// Others: MinVersion 7 > > Cc: Jiewen Yao <jiewen.yao@intel.com> > Cc: Jian J Wang <jian.j.wang@intel.com> > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> > Cc: Guomin Jiang <guomin.jiang@intel.com> > Signed-off-by: Yi Li <yi1.li@intel.com> > --- > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 449 +++++++++--------- > .../BaseCryptLibOnProtocolPpi/DxeCryptLib.c | 9 - > .../BaseCryptLibOnProtocolPpi/PeiCryptLib.c | 8 - > .../BaseCryptLibOnProtocolPpi/SmmCryptLib.c | 9 - > 4 files changed, 227 insertions(+), 248 deletions(-) > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > index 4e31bc278e..e470a0f0d4 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > @@ -24,18 +24,20 @@ > @param Args The argument list to pass to Function. > @param ErrorReturnValue The value to return if the protocol is NULL or > the > service in the protocol is NULL. > - > -**/ > -#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue) \ > - do { \ > - EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > - \ > - CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > - return (CryptoServices->Function) Args; \ > - } \ > - CryptoServiceNotAvailable (#Function); \ > - return ErrorReturnValue; \ > + @param MinVersion The minimum protocol version that supports the > API. > + > +**/ > +#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue, > MinVersion) \ > + do { \ > + EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > + \ > + CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ > + CryptoServices->GetVersion () >= MinVersion) { \ > + return (CryptoServices->Function) Args; \ > + } \ > + CryptoServiceNotAvailable (#Function); \ > + return ErrorReturnValue; \ > } while (FALSE); > > /** > @@ -45,14 +47,16 @@ > > @param Function Name of the EDK II Crypto Protocol service to call. > @param Args The argument list to pass to Function. > + @param MinVersion The minimum protocol version that supports the > API. > > **/ > -#define CALL_VOID_CRYPTO_SERVICE(Function, Args) \ > +#define CALL_VOID_CRYPTO_SERVICE(Function, Args, MinVersion) \ > do { \ > EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > \ > CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ > + CryptoServices->GetVersion () >= MinVersion) { \ > (CryptoServices->Function) Args; \ > return; \ > } \ > @@ -116,7 +120,7 @@ Md5GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0, 7); > } > > /** > @@ -139,7 +143,7 @@ Md5Init ( > OUT VOID *Md5Context > ) > { > - CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE); > + CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE, 7); > } > > /** > @@ -164,7 +168,7 @@ Md5Duplicate ( > OUT VOID *NewMd5Context > ) > { > - CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), > FALSE); > + CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), > FALSE, 7); > } > > /** > @@ -195,7 +199,7 @@ Md5Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), FALSE); > + CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), FALSE, > 7); > } > > /** > @@ -227,7 +231,7 @@ Md5Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE, 7); > } > > /** > @@ -256,7 +260,7 @@ Md5HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE, > 7); > } > > #endif > @@ -278,7 +282,7 @@ Sha1GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0, 7); > } > > /** > @@ -301,7 +305,7 @@ Sha1Init ( > OUT VOID *Sha1Context > ) > { > - CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE, 7); > } > > /** > @@ -326,7 +330,7 @@ Sha1Duplicate ( > OUT VOID *NewSha1Context > ) > { > - CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), > FALSE); > + CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), > FALSE, 7); > } > > /** > @@ -357,7 +361,7 @@ Sha1Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), FALSE, > 7); > } > > /** > @@ -389,7 +393,7 @@ Sha1Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE, 7); > } > > /** > @@ -418,7 +422,7 @@ Sha1HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE, > 7); > } > > #endif > @@ -435,7 +439,7 @@ Sha256GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0, 7); > } > > /** > @@ -456,7 +460,7 @@ Sha256Init ( > OUT VOID *Sha256Context > ) > { > - CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE, 7); > } > > /** > @@ -481,7 +485,7 @@ Sha256Duplicate ( > OUT VOID *NewSha256Context > ) > { > - CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > NewSha256Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > NewSha256Context), FALSE, 7); > } > > /** > @@ -510,7 +514,7 @@ Sha256Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), > FALSE, 7); > } > > /** > @@ -540,7 +544,7 @@ Sha256Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), FALSE, > 7); > } > > /** > @@ -569,7 +573,7 @@ Sha256HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > FALSE); > + CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > FALSE, 7); > } > > /** > @@ -584,7 +588,7 @@ Sha384GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0, 7); > } > > /** > @@ -605,7 +609,7 @@ Sha384Init ( > OUT VOID *Sha384Context > ) > { > - CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE, 7); > } > > /** > @@ -630,7 +634,7 @@ Sha384Duplicate ( > OUT VOID *NewSha384Context > ) > { > - CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > NewSha384Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > NewSha384Context), FALSE, 7); > } > > /** > @@ -659,7 +663,7 @@ Sha384Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), > FALSE, 7); > } > > /** > @@ -689,7 +693,7 @@ Sha384Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), FALSE, > 7); > } > > /** > @@ -718,7 +722,7 @@ Sha384HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > FALSE); > + CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > FALSE, 7); > } > > /** > @@ -733,7 +737,7 @@ Sha512GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0, 7); > } > > /** > @@ -754,7 +758,7 @@ Sha512Init ( > OUT VOID *Sha512Context > ) > { > - CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE, 7); > } > > /** > @@ -779,7 +783,7 @@ Sha512Duplicate ( > OUT VOID *NewSha512Context > ) > { > - CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > NewSha512Context), FALSE); > + CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > NewSha512Context), FALSE, 7); > } > > /** > @@ -808,7 +812,7 @@ Sha512Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), > FALSE, 7); > } > > /** > @@ -838,7 +842,7 @@ Sha512Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), FALSE, > 7); > } > > /** > @@ -867,7 +871,7 @@ Sha512HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > FALSE); > + CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > FALSE, 7); > } > > /** > @@ -899,7 +903,7 @@ ParallelHash256HashAll ( > IN UINTN CustomByteLen > ) > { > - CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE); > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE, 8); > } > > /** > @@ -914,7 +918,7 @@ Sm3GetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0, 7); > } > > /** > @@ -935,7 +939,7 @@ Sm3Init ( > OUT VOID *Sm3Context > ) > { > - CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE); > + CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE, 7); > } > > /** > @@ -960,7 +964,7 @@ Sm3Duplicate ( > OUT VOID *NewSm3Context > ) > { > - CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > FALSE); > + CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > FALSE, 7); > } > > /** > @@ -989,7 +993,7 @@ Sm3Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), FALSE); > + CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), FALSE, > 7); > } > > /** > @@ -1019,7 +1023,7 @@ Sm3Final ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE, 7); > } > > /** > @@ -1048,7 +1052,7 @@ Sm3HashAll ( > OUT UINT8 *HashValue > ) > { > - CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE); > + CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE, > 7); > } > > // > ================================================================ > ===================== > @@ -1068,7 +1072,7 @@ HmacSha256New ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL); > + CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL, 7); > } > > /** > @@ -1083,7 +1087,7 @@ HmacSha256Free ( > IN VOID *HmacSha256Ctx > ) > { > - CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx)); > + CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx), 7); > } > > /** > @@ -1110,7 +1114,7 @@ HmacSha256SetKey ( > IN UINTN KeySize > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > KeySize), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > KeySize), FALSE, 7); > } > > /** > @@ -1135,7 +1139,7 @@ HmacSha256Duplicate ( > OUT VOID *NewHmacSha256Context > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > NewHmacSha256Context), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > NewHmacSha256Context), FALSE, 7); > } > > /** > @@ -1166,7 +1170,7 @@ HmacSha256Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, Data, > DataSize), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, Data, > DataSize), FALSE, 7); > } > > /** > @@ -1198,7 +1202,7 @@ HmacSha256Final ( > OUT UINT8 *HmacValue > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > HmacValue), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > HmacValue), FALSE, 7); > } > > /** > @@ -1231,7 +1235,7 @@ HmacSha256All ( > OUT UINT8 *HmacValue > ) > { > - CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE, 9); > } > > /** > @@ -1247,7 +1251,7 @@ HmacSha384New ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); > + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL, 9); > } > > /** > @@ -1262,7 +1266,7 @@ HmacSha384Free ( > IN VOID *HmacSha384Ctx > ) > { > - CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); > + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx), 9); > } > > /** > @@ -1289,7 +1293,7 @@ HmacSha384SetKey ( > IN UINTN KeySize > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > KeySize), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > KeySize), FALSE, 9); > } > > /** > @@ -1314,7 +1318,7 @@ HmacSha384Duplicate ( > OUT VOID *NewHmacSha384Context > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > NewHmacSha384Context), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > NewHmacSha384Context), FALSE, 9); > } > > /** > @@ -1345,7 +1349,7 @@ HmacSha384Update ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, > DataSize), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, > DataSize), FALSE, 9); > } > > /** > @@ -1377,7 +1381,7 @@ HmacSha384Final ( > OUT UINT8 *HmacValue > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > HmacValue), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > HmacValue), FALSE, 9); > } > > /** > @@ -1410,7 +1414,7 @@ HmacSha384All ( > OUT UINT8 *HmacValue > ) > { > - CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE); > + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE, 9); > } > > // > ================================================================ > ===================== > @@ -1432,7 +1436,7 @@ AesGetContextSize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0); > + CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0, 7); > } > > /** > @@ -1465,7 +1469,7 @@ AesInit ( > IN UINTN KeyLength > ) > { > - CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE); > + CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE, 7); > } > > /** > @@ -1507,7 +1511,7 @@ AesCbcEncrypt ( > OUT UINT8 *Output > ) > { > - CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, Ivec, > Output), FALSE); > + CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, Ivec, > Output), FALSE, 7); > } > > /** > @@ -1549,7 +1553,7 @@ AesCbcDecrypt ( > OUT UINT8 *Output > ) > { > - CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, > Output), FALSE); > + CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > Ivec, Output), FALSE, 7); > } > > // > ================================================================ > ===================== > @@ -1597,7 +1601,7 @@ AeadAesGcmEncrypt ( > OUT UINTN *DataOutSize > ) > { > - CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > DataOutSize), FALSE); > + CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > DataOutSize), FALSE, 11); > } > > /** > @@ -1642,7 +1646,7 @@ AeadAesGcmDecrypt ( > OUT UINTN *DataOutSize > ) > { > - CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), > FALSE); > + CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), > FALSE, 11); > } > > // > ================================================================ > ===================== > @@ -1662,7 +1666,7 @@ RsaNew ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (RsaNew, (), NULL); > + CALL_CRYPTO_SERVICE (RsaNew, (), NULL, 7); > } > > /** > @@ -1679,7 +1683,7 @@ RsaFree ( > IN VOID *RsaContext > ) > { > - CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext)); > + CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext), 7); > } > > /** > @@ -1713,7 +1717,7 @@ RsaSetKey ( > IN UINTN BnSize > ) > { > - CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > BnSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > BnSize), FALSE, 7); > } > > /** > @@ -1753,7 +1757,7 @@ RsaGetKey ( > IN OUT UINTN *BnSize > ) > { > - CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > BnSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > BnSize), FALSE, 7); > } > > /** > @@ -1788,7 +1792,7 @@ RsaGenerateKey ( > IN UINTN PublicExponentSize > ) > { > - CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > PublicExponent, PublicExponentSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > PublicExponent, PublicExponentSize), FALSE, 7); > } > > /** > @@ -1818,7 +1822,7 @@ RsaCheckKey ( > IN VOID *RsaContext > ) > { > - CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE); > + CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE, 7); > } > > /** > @@ -1858,7 +1862,7 @@ RsaPkcs1Sign ( > IN OUT UINTN *SigSize > ) > { > - CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > HashSize, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > HashSize, Signature, SigSize), FALSE, 7); > } > > /** > @@ -1890,7 +1894,7 @@ RsaPkcs1Verify ( > IN UINTN SigSize > ) > { > - CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > HashSize, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > HashSize, Signature, SigSize), FALSE, 7); > } > > /** > @@ -1923,7 +1927,7 @@ RsaPssVerify ( > IN UINT16 SaltLen > ) > { > - CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > Signature, SigSize, DigestLen, SaltLen), FALSE); > + CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > Signature, SigSize, DigestLen, SaltLen), FALSE, 7); > } > > /** > @@ -1968,7 +1972,7 @@ RsaPssSign ( > IN OUT UINTN *SigSize > ) > { > - CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > DigestLen, SaltLen, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > DigestLen, SaltLen, Signature, SigSize), FALSE, 7); > } > > /** > @@ -1999,7 +2003,7 @@ RsaGetPrivateKeyFromPem ( > OUT VOID **RsaContext > ) > { > - CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, > Password, RsaContext), FALSE); > + CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, > Password, RsaContext), FALSE, 7); > } > > /** > @@ -2028,7 +2032,7 @@ RsaGetPublicKeyFromX509 ( > OUT VOID **RsaContext > ) > { > - CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > RsaContext), FALSE); > + CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > RsaContext), FALSE, 7); > } > > /** > @@ -2059,7 +2063,7 @@ X509GetSubjectName ( > IN OUT UINTN *SubjectSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, CertSubject, > SubjectSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, CertSubject, > SubjectSize), FALSE, 7); > } > > /** > @@ -2097,7 +2101,7 @@ X509GetCommonName ( > IN OUT UINTN *CommonNameSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > CommonName, CommonNameSize), RETURN_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > CommonName, CommonNameSize), RETURN_UNSUPPORTED, 7); > } > > /** > @@ -2135,7 +2139,7 @@ X509GetOrganizationName ( > IN OUT UINTN *NameBufferSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED, 7); > } > > /** > @@ -2165,7 +2169,7 @@ X509VerifyCert ( > IN UINTN CACertSize > ) > { > - CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > CACertSize), FALSE); > + CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > CACertSize), FALSE, 7); > } > > /** > @@ -2192,7 +2196,7 @@ X509ConstructCertificate ( > OUT UINT8 **SingleX509Cert > ) > { > - CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > SingleX509Cert), FALSE); > + CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > SingleX509Cert), FALSE, 7); > } > > /** > @@ -2256,7 +2260,7 @@ X509ConstructCertificateStackV ( > IN VA_LIST Args > ) > { > - CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, Args), > FALSE); > + CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, Args), > FALSE, 7); > } > > /** > @@ -2273,7 +2277,7 @@ X509Free ( > IN VOID *X509Cert > ) > { > - CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert)); > + CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert), 7); > } > > /** > @@ -2290,7 +2294,7 @@ X509StackFree ( > IN VOID *X509Stack > ) > { > - CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack)); > + CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack), 7); > } > > /** > @@ -2319,7 +2323,7 @@ X509GetTBSCert ( > OUT UINTN *TBSCertSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > TBSCertSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > TBSCertSize), FALSE, 7); > } > > /** > @@ -2346,7 +2350,7 @@ X509GetVersion ( > OUT UINTN *Version > ) > { > - CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE); > + CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE, > 16); > } > > /** > @@ -2381,7 +2385,7 @@ X509GetSerialNumber ( > IN OUT UINTN *SerialNumberSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > SerialNumber, SerialNumberSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > SerialNumber, SerialNumberSize), FALSE, 16); > } > > /** > @@ -2412,7 +2416,7 @@ X509GetIssuerName ( > IN OUT UINTN *CertIssuerSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, > CertIssuerSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, > CertIssuerSize), FALSE, 16); > } > > /** > @@ -2442,7 +2446,7 @@ X509GetSignatureAlgorithm ( > IN OUT UINTN *OidSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, > OidSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, > OidSize), FALSE, 16); > } > > /** > @@ -2476,7 +2480,7 @@ X509GetExtensionData ( > IN OUT UINTN *ExtensionDataSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > OidSize, ExtensionData, ExtensionDataSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > OidSize, ExtensionData, ExtensionDataSize), FALSE, 16); > } > > /** > @@ -2505,7 +2509,7 @@ X509GetExtendedKeyUsage ( > IN OUT UINTN *UsageSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, Usage, > UsageSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, Usage, > UsageSize), FALSE, 16); > } > > /** > @@ -2540,7 +2544,7 @@ X509GetValidity ( > IN OUT UINTN *ToSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, > To, ToSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, > To, ToSize), FALSE, 16); > } > > /** > @@ -2574,7 +2578,7 @@ X509FormatDateTime ( > IN OUT UINTN *DateTimeSize > ) > { > - CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > DateTimeSize), FALSE); > + CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > DateTimeSize), FALSE, 16); > } > > /** > @@ -2600,7 +2604,7 @@ X509CompareDateTime ( > IN CONST VOID *DateTime2 > ) > { > - CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, DateTime2), > FALSE); > + CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, DateTime2), > FALSE, 16); > } > > /** > @@ -2622,7 +2626,7 @@ X509GetKeyUsage ( > OUT UINTN *Usage > ) > { > - CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE); > + CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE, > 16); > } > > /** > @@ -2650,7 +2654,7 @@ X509VerifyCertChain ( > IN UINTN CertChainLength > ) > { > - CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, > CertChain, CertChainLength), FALSE); > + CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, > CertChain, CertChainLength), FALSE, 16); > } > > /** > @@ -2681,7 +2685,7 @@ X509GetCertFromCertChain ( > OUT UINTN *CertLength > ) > { > - CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > CertChainLength, CertIndex, Cert, CertLength), FALSE); > + CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > CertChainLength, CertIndex, Cert, CertLength), FALSE, 16); > } > > /** > @@ -2704,7 +2708,7 @@ Asn1GetTag ( > IN UINT32 Tag > ) > { > - CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE); > + CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE, 16); > } > > /** > @@ -2734,7 +2738,7 @@ X509GetExtendedBasicConstraints ( > UINTN *BasicConstraintsSize > ) > { > - CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, CertSize, > BasicConstraints, BasicConstraintsSize), FALSE); > + CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, CertSize, > BasicConstraints, BasicConstraintsSize), FALSE, 16); > } > > /** > @@ -2777,7 +2781,7 @@ Pkcs5HashPassword ( > OUT UINT8 *OutKey > ) > { > - CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, Password, > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, Password, > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE, 7); > } > > /** > @@ -2822,7 +2826,7 @@ Pkcs1v2Encrypt ( > OUT UINTN *EncryptedDataSize > ) > { > - CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > FALSE); > + CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > FALSE, 7); > } > > /** > @@ -2862,7 +2866,7 @@ Pkcs7GetSigners ( > OUT UINTN *CertLength > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > StackLength, TrustedCert, CertLength), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > StackLength, TrustedCert, CertLength), FALSE, 7); > } > > /** > @@ -2879,7 +2883,7 @@ Pkcs7FreeSigners ( > IN UINT8 *Certs > ) > { > - CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs)); > + CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs), 7); > } > > /** > @@ -2915,7 +2919,7 @@ Pkcs7GetCertificatesList ( > OUT UINTN *UnchainLength > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE, 7); > } > > /** > @@ -2959,7 +2963,7 @@ Pkcs7Sign ( > OUT UINTN *SignedDataSize > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > SignedDataSize), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > SignedDataSize), FALSE, 7); > } > > /** > @@ -2995,7 +2999,7 @@ Pkcs7Verify ( > IN UINTN DataLength > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > CertLength, InData, DataLength), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > CertLength, InData, DataLength), FALSE, 7); > } > > /** > @@ -3040,7 +3044,7 @@ VerifyEKUsInPkcs7Signature ( > IN BOOLEAN RequireAllPresent > ) > { > - CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE); > + CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE, > 7); > } > > /** > @@ -3072,7 +3076,7 @@ Pkcs7GetAttachedContent ( > OUT UINTN *ContentSize > ) > { > - CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > Content, ContentSize), FALSE); > + CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > Content, ContentSize), FALSE, 7); > } > > /** > @@ -3110,7 +3114,7 @@ AuthenticodeVerify ( > IN UINTN HashSize > ) > { > - CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > TrustedCert, CertSize, ImageHash, HashSize), FALSE); > + CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > TrustedCert, CertSize, ImageHash, HashSize), FALSE, 7); > } > > /** > @@ -3143,7 +3147,7 @@ ImageTimestampVerify ( > OUT EFI_TIME *SigningTime > ) > { > - CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > TsaCert, CertSize, SigningTime), FALSE); > + CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > TsaCert, CertSize, SigningTime), FALSE, 7); > } > > // > ================================================================ > ===================== > @@ -3164,7 +3168,7 @@ DhNew ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (DhNew, (), NULL); > + CALL_CRYPTO_SERVICE (DhNew, (), NULL, 7); > } > > /** > @@ -3181,7 +3185,7 @@ DhFree ( > IN VOID *DhContext > ) > { > - CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext)); > + CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext), 7); > } > > /** > @@ -3217,7 +3221,7 @@ DhGenerateParameter ( > OUT UINT8 *Prime > ) > { > - CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > PrimeLength, Prime), FALSE); > + CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > PrimeLength, Prime), FALSE, 7); > } > > /** > @@ -3252,7 +3256,7 @@ DhSetParameter ( > IN CONST UINT8 *Prime > ) > { > - CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > PrimeLength, Prime), FALSE); > + CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > PrimeLength, Prime), FALSE, 7); > } > > /** > @@ -3287,7 +3291,7 @@ DhGenerateKey ( > IN OUT UINTN *PublicKeySize > ) > { > - CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > PublicKeySize), FALSE); > + CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > PublicKeySize), FALSE, 7); > } > > /** > @@ -3326,7 +3330,7 @@ DhComputeKey ( > IN OUT UINTN *KeySize > ) > { > - CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > PeerPublicKeySize, Key, KeySize), FALSE); > + CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > PeerPublicKeySize, Key, KeySize), FALSE, 7); > } > > // > ================================================================ > ===================== > @@ -3358,7 +3362,7 @@ RandomSeed ( > IN UINTN SeedSize > ) > { > - CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE); > + CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE, 7); > } > > /** > @@ -3382,7 +3386,7 @@ RandomBytes ( > IN UINTN Size > ) > { > - CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); > + CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE, 7); > } > > // > ================================================================ > ===================== > @@ -3418,7 +3422,7 @@ HkdfSha256ExtractAndExpand ( > IN UINTN OutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, Salt, > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, Salt, > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 7); > } > > /** > @@ -3446,7 +3450,7 @@ HkdfSha256Extract ( > UINTN PrkOutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > PrkOut, PrkOutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > PrkOut, PrkOutSize), FALSE, 10); > } > > /** > @@ -3474,7 +3478,7 @@ HkdfSha256Expand ( > IN UINTN OutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, > Out, OutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, > Out, OutSize), FALSE, 10); > } > > /** > @@ -3506,7 +3510,7 @@ HkdfSha384ExtractAndExpand ( > IN UINTN OutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, Salt, > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, Salt, > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 10); > } > > /** > @@ -3534,7 +3538,7 @@ HkdfSha384Extract ( > UINTN PrkOutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > PrkOut, PrkOutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > PrkOut, PrkOutSize), FALSE, 10); > } > > /** > @@ -3562,7 +3566,7 @@ HkdfSha384Expand ( > IN UINTN OutSize > ) > { > - CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, > Out, OutSize), FALSE); > + CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, > Out, OutSize), FALSE, 10); > } > > /** > @@ -3582,7 +3586,7 @@ TlsInitialize ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE); > + CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE, 7); > } > > /** > @@ -3597,7 +3601,7 @@ TlsCtxFree ( > IN VOID *TlsCtx > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx)); > + CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx), 7); > } > > /** > @@ -3618,7 +3622,7 @@ TlsCtxNew ( > IN UINT8 MinorVer > ) > { > - CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL); > + CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL, 7); > } > > /** > @@ -3636,7 +3640,7 @@ TlsFree ( > IN VOID *Tls > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls)); > + CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls), 7); > } > > /** > @@ -3658,7 +3662,7 @@ TlsNew ( > IN VOID *TlsCtx > ) > { > - CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL); > + CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL, 7); > } > > /** > @@ -3678,7 +3682,7 @@ TlsInHandshake ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE); > + CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE, 7); > } > > /** > @@ -3717,7 +3721,7 @@ TlsDoHandshake ( > IN OUT UINTN *BufferOutSize > ) > { > - CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > } > > /** > @@ -3755,7 +3759,7 @@ TlsHandleAlert ( > IN OUT UINTN *BufferOutSize > ) > { > - CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > } > > /** > @@ -3784,7 +3788,7 @@ TlsCloseNotify ( > IN OUT UINTN *BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -3809,7 +3813,7 @@ TlsCtrlTrafficOut ( > IN UINTN BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0); > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0, 7); > } > > /** > @@ -3834,7 +3838,7 @@ TlsCtrlTrafficIn ( > IN UINTN BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0); > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0, 7); > } > > /** > @@ -3860,7 +3864,7 @@ TlsRead ( > IN UINTN BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0); > + CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0, 7); > } > > /** > @@ -3886,7 +3890,7 @@ TlsWrite ( > IN UINTN BufferSize > ) > { > - CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0); > + CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0, 7); > } > > /** > @@ -3908,7 +3912,7 @@ TlsShutdown ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED, 14); > } > > /** > @@ -3933,7 +3937,7 @@ TlsSetVersion ( > IN UINT8 MinorVer > ) > { > - CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -3956,7 +3960,7 @@ TlsSetConnectionEnd ( > IN BOOLEAN IsServer > ) > { > - CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -3985,7 +3989,7 @@ TlsSetCipherList ( > IN UINTN CipherNum > ) > { > - CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4006,7 +4010,7 @@ TlsSetCompressionMethod ( > IN UINT8 CompMethod > ) > { > - CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4025,7 +4029,7 @@ TlsSetVerify ( > IN UINT32 VerifyMode > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode)); > + CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode), 7); > } > > /** > @@ -4048,7 +4052,7 @@ TlsSetVerifyHost ( > IN CHAR8 *HostName > ) > { > - CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4074,7 +4078,7 @@ TlsSetSessionId ( > IN UINT16 SessionIdLen > ) > { > - CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4102,7 +4106,7 @@ TlsSetCaCertificate ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4130,7 +4134,7 @@ TlsSetHostPublicCert ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4160,7 +4164,7 @@ TlsSetHostPrivateKeyEx ( > IN VOID *Password OPTIONAL > ) > { > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > Password), EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > Password), EFI_UNSUPPORTED, 14); > } > > /** > @@ -4187,7 +4191,7 @@ TlsSetHostPrivateKey ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 14); > } > > /** > @@ -4211,7 +4215,7 @@ TlsSetCertRevocationList ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4239,7 +4243,7 @@ TlsSetSignatureAlgoList ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 14); > } > > /** > @@ -4264,7 +4268,7 @@ TlsSetEcCurve ( > IN UINTN DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsSetEcCurve, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 14); > } > > /** > @@ -4286,7 +4290,7 @@ TlsGetVersion ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0); > + CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0, 7); > } > > /** > @@ -4308,7 +4312,7 @@ TlsGetConnectionEnd ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0); > + CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0, 7); > } > > /** > @@ -4332,7 +4336,7 @@ TlsGetCurrentCipher ( > IN OUT UINT16 *CipherId > ) > { > - CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4358,7 +4362,7 @@ TlsGetCurrentCompressionId ( > IN OUT UINT8 *CompressionId > ) > { > - CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, CompressionId), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > CompressionId), EFI_UNSUPPORTED, 7); > } > > /** > @@ -4380,7 +4384,7 @@ TlsGetVerify ( > IN VOID *Tls > ) > { > - CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0); > + CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0, 7); > } > > /** > @@ -4406,7 +4410,7 @@ TlsGetSessionId ( > IN OUT UINT16 *SessionIdLen > ) > { > - CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4427,7 +4431,7 @@ TlsGetClientRandom ( > IN OUT UINT8 *ClientRandom > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom)); > + CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom), > 7); > } > > /** > @@ -4448,7 +4452,7 @@ TlsGetServerRandom ( > IN OUT UINT8 *ServerRandom > ) > { > - CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, ServerRandom)); > + CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, ServerRandom), > 7); > } > > /** > @@ -4472,7 +4476,7 @@ TlsGetKeyMaterial ( > IN OUT UINT8 *KeyMaterial > ) > { > - CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4499,7 +4503,7 @@ TlsGetCaCertificate ( > IN OUT UINTN *DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4527,7 +4531,7 @@ TlsGetHostPublicCert ( > IN OUT UINTN *DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4554,7 +4558,7 @@ TlsGetHostPrivateKey ( > IN OUT UINTN *DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4579,7 +4583,7 @@ TlsGetCertRevocationList ( > IN OUT UINTN *DataSize > ) > { > - CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > EFI_UNSUPPORTED); > + CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > EFI_UNSUPPORTED, 7); > } > > /** > @@ -4615,7 +4619,8 @@ TlsGetExportKey ( > TlsGetExportKey, > (Tls, Label, Context, ContextLen, > KeyBuffer, KeyBufferLen), > - EFI_UNSUPPORTED > + EFI_UNSUPPORTED, > + 14 > ); > } > > @@ -4634,7 +4639,7 @@ BigNumInit ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); > + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL, 12); > } > > /** > @@ -4652,7 +4657,7 @@ BigNumFromBin ( > IN UINTN Len > ) > { > - CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); > + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL, 12); > } > > /** > @@ -4671,7 +4676,7 @@ BigNumToBin ( > OUT UINT8 *Buf > ) > { > - CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); > + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1, 12); > } > > /** > @@ -4687,7 +4692,7 @@ BigNumFree ( > IN BOOLEAN Clear > ) > { > - CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); > + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear), 12); > } > > /** > @@ -4710,7 +4715,7 @@ BigNumAdd ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE, 12); > } > > /** > @@ -4733,7 +4738,7 @@ BigNumSub ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE, 12); > } > > /** > @@ -4756,7 +4761,7 @@ BigNumMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE, 12); > } > > /** > @@ -4781,7 +4786,7 @@ BigNumExpMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE, > 12); > } > > /** > @@ -4804,7 +4809,7 @@ BigNumInverseMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE, > 12); > } > > /** > @@ -4827,7 +4832,7 @@ BigNumDiv ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE, 12); > } > > /** > @@ -4852,7 +4857,7 @@ BigNumMulMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), FALSE, > 12); > } > > /** > @@ -4872,7 +4877,7 @@ BigNumCmp ( > IN CONST VOID *BnB > ) > { > - CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); > + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0, 12); > } > > /** > @@ -4888,7 +4893,7 @@ BigNumBits ( > IN CONST VOID *Bn > ) > { > - CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); > + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0, 12); > } > > /** > @@ -4904,7 +4909,7 @@ BigNumBytes ( > IN CONST VOID *Bn > ) > { > - CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); > + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0, 12); > } > > /** > @@ -4923,7 +4928,7 @@ BigNumIsWord ( > IN UINTN Num > ) > { > - CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); > + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE, 12); > } > > /** > @@ -4940,7 +4945,7 @@ BigNumIsOdd ( > IN CONST VOID *Bn > ) > { > - CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); > + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE, 12); > } > > /** > @@ -4959,7 +4964,7 @@ BigNumCopy ( > IN CONST VOID *BnSrc > ) > { > - CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); > + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL, 12); > } > > /** > @@ -4974,7 +4979,7 @@ BigNumValueOne ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); > + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL, 12); > } > > /** > @@ -4997,7 +5002,7 @@ BigNumRShift ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE, 12); > } > > /** > @@ -5013,7 +5018,7 @@ BigNumConstTime ( > IN VOID *Bn > ) > { > - CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn)); > + CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn), 12); > } > > /** > @@ -5036,7 +5041,7 @@ BigNumSqrMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE, 12); > } > > /** > @@ -5052,7 +5057,7 @@ BigNumNewContext ( > VOID > ) > { > - CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); > + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL, 12); > } > > /** > @@ -5066,7 +5071,7 @@ BigNumContextFree ( > IN VOID *BnCtx > ) > { > - CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); > + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx), 12); > } > > /** > @@ -5085,7 +5090,7 @@ BigNumSetUint ( > IN UINTN Val > ) > { > - CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE); > + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE, 12); > } > > /** > @@ -5108,7 +5113,7 @@ BigNumAddMod ( > OUT VOID *BnRes > ) > { > - CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE); > + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE, > 12); > } > > /** > @@ -5128,7 +5133,7 @@ EcGroupInit ( > IN UINTN CryptoNid > ) > { > - CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); > + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL, 13); > } > > /** > @@ -5156,7 +5161,7 @@ EcGroupGetCurve ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, > BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, > BnCtx), FALSE, 13); > } > > /** > @@ -5178,7 +5183,7 @@ EcGroupGetOrder ( > OUT VOID *BnOrder > ) > { > - CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE); > + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE, 13); > } > > /** > @@ -5192,7 +5197,7 @@ EcGroupFree ( > IN VOID *EcGroup > ) > { > - CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); > + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup), 13); > } > > /** > @@ -5210,7 +5215,7 @@ EcPointInit ( > IN CONST VOID *EcGroup > ) > { > - CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); > + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL, 13); > } > > /** > @@ -5226,7 +5231,7 @@ EcPointDeInit ( > IN BOOLEAN Clear > ) > { > - CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); > + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear), 13); > } > > /** > @@ -5254,7 +5259,7 @@ EcPointGetAffineCoordinates ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, > BnX, BnY, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, > BnX, BnY, BnCtx), FALSE, 13); > } > > /** > @@ -5279,7 +5284,7 @@ EcPointSetAffineCoordinates ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, > BnX, BnY, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, > BnX, BnY, BnCtx), FALSE, 13); > } > > /** > @@ -5305,7 +5310,7 @@ EcPointAdd ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > EcPointB, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > EcPointB, BnCtx), FALSE, 13); > } > > /** > @@ -5331,7 +5336,7 @@ EcPointMul ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > BnPScalar, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > BnPScalar, BnCtx), FALSE, 13); > } > > /** > @@ -5352,7 +5357,7 @@ EcPointInvert ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE, > 13); > } > > /** > @@ -5373,7 +5378,7 @@ EcPointIsOnCurve ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > FALSE); > + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > FALSE, 13); > } > > /** > @@ -5392,7 +5397,7 @@ EcPointIsAtInfinity ( > IN CONST VOID *EcPoint > ) > { > - CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE); > + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE, 13); > } > > /** > @@ -5415,7 +5420,7 @@ EcPointEqual ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > BnCtx), FALSE, 13); > } > > /** > @@ -5445,7 +5450,7 @@ EcPointSetCompressedCoordinates ( > IN VOID *BnCtx > ) > { > - CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > EcPoint, BnX, YBit, BnCtx), FALSE); > + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > EcPoint, BnX, YBit, BnCtx), FALSE, 13); > } > > /** > @@ -5462,7 +5467,7 @@ EcNewByNid ( > IN UINTN Nid > ) > { > - CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); > + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL, 13); > } > > /** > @@ -5476,7 +5481,7 @@ EcFree ( > IN VOID *EcContext > ) > { > - CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); > + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext), 13); > } > > /** > @@ -5513,7 +5518,7 @@ EcGenerateKey ( > IN OUT UINTN *PublicKeySize > ) > { > - CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > PublicKeySize), FALSE); > + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > PublicKeySize), FALSE, 13); > } > > /** > @@ -5538,7 +5543,7 @@ EcGetPubKey ( > IN OUT UINTN *PublicKeySize > ) > { > - CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, PublicKeySize), > FALSE); > + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > PublicKeySize), FALSE, 13); > } > > /** > @@ -5577,7 +5582,7 @@ EcDhComputeKey ( > IN OUT UINTN *KeySize > ) > { > - CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > PeerPublicSize, CompressFlag, Key, KeySize), FALSE); > + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > PeerPublicSize, CompressFlag, Key, KeySize), FALSE, 13); > } > > /** > @@ -5604,7 +5609,7 @@ EcGetPublicKeyFromX509 ( > OUT VOID **EcContext > ) > { > - CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > EcContext), FALSE); > + CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > EcContext), FALSE, 15); > } > > /** > @@ -5633,7 +5638,7 @@ EcGetPrivateKeyFromPem ( > OUT VOID **EcContext > ) > { > - CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > Password, EcContext), FALSE); > + CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > Password, EcContext), FALSE, 15); > } > > /** > @@ -5676,7 +5681,7 @@ EcDsaSign ( > IN OUT UINTN *SigSize > ) > { > - CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > HashSize, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > HashSize, Signature, SigSize), FALSE, 15); > } > > /** > @@ -5713,5 +5718,5 @@ EcDsaVerify ( > IN UINTN SigSize > ) > { > - CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, > HashSize, Signature, SigSize), FALSE); > + CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, > HashSize, Signature, SigSize), FALSE, 15); > } > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > index dc7527bb01..fe9cdc0d4d 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > @@ -49,7 +49,6 @@ DxeCryptLibConstructor ( > ) > { > EFI_STATUS Status; > - UINTN Version; > > Status = gBS->LocateProtocol ( > &gEdkiiCryptoProtocolGuid, > @@ -65,13 +64,5 @@ DxeCryptLibConstructor ( > return EFI_NOT_FOUND; > } > > - Version = mCryptoProtocol->GetVersion (); > - if (Version < EDKII_CRYPTO_VERSION) { > - DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol unsupported > version %d\n", Version)); > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > - mCryptoProtocol = NULL; > - return EFI_NOT_FOUND; > - } > - > return EFI_SUCCESS; > } > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > index 51f858302f..6ad1d3afe0 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > @@ -30,7 +30,6 @@ GetCryptoServices ( > { > EFI_STATUS Status; > EDKII_CRYPTO_PPI *CryptoPpi; > - UINTN Version; > > CryptoPpi = NULL; > Status = PeiServicesLocatePpi ( > @@ -46,12 +45,5 @@ GetCryptoServices ( > return NULL; > } > > - Version = CryptoPpi->GetVersion (); > - if (Version < EDKII_CRYPTO_VERSION) { > - DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported > version %d\n", Version)); > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > - return NULL; > - } > - > return (VOID *)CryptoPpi; > } > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > index be0f44e63b..6c7c75c8a7 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > @@ -52,7 +52,6 @@ SmmCryptLibConstructor ( > ) > { > EFI_STATUS Status; > - UINTN Version; > > Status = gSmst->SmmLocateProtocol ( > &gEdkiiSmmCryptoProtocolGuid, > @@ -67,13 +66,5 @@ SmmCryptLibConstructor ( > return EFI_NOT_FOUND; > } > > - Version = mSmmCryptoProtocol->GetVersion (); > - if (Version < EDKII_CRYPTO_VERSION) { > - DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol > unsupported version %d\n", Version)); > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > - mSmmCryptoProtocol = NULL; > - return EFI_NOT_FOUND; > - } > - > return EFI_SUCCESS; > } > -- > 2.31.1.windows.1 > > > > > ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible 2023-01-06 11:06 ` Li, Yi @ 2023-01-06 11:21 ` Yao, Jiewen [not found] ` <1737B458A2E4874C.7095@groups.io> 1 sibling, 0 replies; 9+ messages in thread From: Yao, Jiewen @ 2023-01-06 11:21 UTC (permalink / raw) To: Li, Yi1, devel@edk2.groups.io Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Kinney, Michael D Perhaps we can ask developers to update the minimum version of CyptoAPI after bug or security fixes. [Jiewen] First, this is a new requirement. Hard to enforce. Second, if you do this, then you *may* need update the CryptoBin, if CryptoConsumer is updated. Third, it is hard to determine *when* to upgrade the MinVersion, especially when a bug fix is in the dependency module. For example, the code in CryptoPkg does not update, but the MdePkg update, which may cause the CryptoBin update. Should we update MinVersion? It will bring a burden to the one who maintains the MinVersion. I believe it will create more potential compatibility problem. One more question: If you want to update CryptoConsumer, but keep CryptoBin. Why you want to link a higher version of CryptoLib wrapper? Why not use the old version CryptoLib wrapper? Thank you Yao, Jiewen > -----Original Message----- > From: Li, Yi1 <yi1.li@intel.com> > Sent: Friday, January 6, 2023 7:07 PM > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > Michael D <michael.d.kinney@intel.com> > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > Hi Jiewen, > > Thanks for feedback. > > >If you can upgrade the CryptoConsumer, why not upgrade the CryptoBin at > the same time? > > 1. CryptoConsumer and CryptoBin are usually delivered by different people. > For example, some features that require CryptoBin are responsible for by an > independent team, but Cyptobin is responsible for the platform as part of > the platform firmware. > > 2. In the actual development process, the update of CryptoBin is often > difficult due to reasons such as binary size or freeze of platform code, > especially on older platforms, which will cause the feature development > team to have to maintain multiple feature versions based on different EDK2 > CyptoPkg. > > > But it is NOT TRUE, if you care the implementation of API. Maybe the higher > version of an API fixed some bug, or add some new features. > > Perhaps we can ask developers to update the minimum version of CyptoAPI > after bug or security fixes. > > Thanks, > Yi > > -----Original Message----- > From: Yao, Jiewen <jiewen.yao@intel.com> > Sent: Friday, January 6, 2023 6:06 PM > To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > Michael D <michael.d.kinney@intel.com> > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > Thanks Yi. > You raised a very interesting question. > > + Mike Kinney, to comment from the requirement perspective. > > The original design is very simple: CryptoBin.Version >= > CryptoConsumer.Version. > > Now you want to handle the case that: CryptoConsumer.Version > > CryptoBin.Version, but the CryptoConsumer.Api is already present in > CryptoBin.Api. > To me, the hidden assumption is that: As long as an API is present, it will be > used. The version of the API is not cared. > > This is only TRUE, if you only care the API is present or absent. > But it is NOT TRUE, if you care the implementation of API. Maybe the higher > version of an API fixed some bug, or add some new features. > > I believe this is very dangerous downgrade. I don't recommend we do it. > Mike, what do you think? > > Question to Yi: If you can upgrade the CryptoConsumer, why not upgrade the > CryptoBin at the same time? > > Thank you > Yao, Jiewen > > > -----Original Message----- > > From: Li, Yi1 <yi1.li@intel.com> > > Sent: Wednesday, January 4, 2023 10:03 AM > > To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com> > > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J > > <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, > > Guomin <guomin.jiang@intel.com> > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > backward compatible > > > > Hi, any comments about this BZ and patch? > > Code link: https://github.com/tianocore/edk2/pull/3787 > > > > -----Original Message----- > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Li, Yi > > Sent: Monday, December 19, 2022 2:24 PM > > To: devel@edk2.groups.io > > Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang, > > Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, > > Guomin <guomin.jiang@intel.com> > > Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > backward compatible > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4197 > > > > Using older Crypto protocol will be allowed. > > Each function wrapper will be annotated to require a minimum required > > version of the crypto protocol and assert if called when the version is > > not compatible. > > Ths minimum version difined as the version when the API was introduced. > > Details: > > ///Parallel hash: MinVersion 8 > > ParallelHash256HashAll, > > /// HMAC SHA256 (continued): MinVersion 9 > > HmacSha256All, > > /// HMAC SHA384: MinVersion 9 > > HmacSha384New, > > ... > > HmacSha384All, > > /// HKDF (continued): MinVersion 10 > > HkdfSha256Extract, > > ... > > HkdfSha384Expand, > > /// Aead Aes GCM: MinVersion 11 > > AeadAesGcmEncrypt, > > AeadAesGcmDecrypt, > > /// Big Numbers: MinVersion 12 > > BigNumInit, > > ... > > BigNumAddMod, > > /// EC: MinVersion 13 > > EcGroupInit, > > ... > > EcDhComputeKey, > > /// TLS (continued): MinVersion 14 > > TlsShutdown, > > ... > > TlsGetExportKey, > > /// Ec (Continued): MinVersion 15 > > EcGetPublicKeyFromX509, > > ... > > EcDsaVerify, > > /// X509 (Continued): MinVersion 16 > > X509GetVersion, > > ... > > X509GetExtendedBasicConstraints > > /// Others: MinVersion 7 > > > > Cc: Jiewen Yao <jiewen.yao@intel.com> > > Cc: Jian J Wang <jian.j.wang@intel.com> > > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> > > Cc: Guomin Jiang <guomin.jiang@intel.com> > > Signed-off-by: Yi Li <yi1.li@intel.com> > > --- > > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 449 +++++++++--------- > > .../BaseCryptLibOnProtocolPpi/DxeCryptLib.c | 9 - > > .../BaseCryptLibOnProtocolPpi/PeiCryptLib.c | 8 - > > .../BaseCryptLibOnProtocolPpi/SmmCryptLib.c | 9 - > > 4 files changed, 227 insertions(+), 248 deletions(-) > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > index 4e31bc278e..e470a0f0d4 100644 > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > @@ -24,18 +24,20 @@ > > @param Args The argument list to pass to Function. > > @param ErrorReturnValue The value to return if the protocol is NULL or > > the > > service in the protocol is NULL. > > - > > -**/ > > -#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue) \ > > - do { \ > > - EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > - \ > > - CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > - return (CryptoServices->Function) Args; \ > > - } \ > > - CryptoServiceNotAvailable (#Function); \ > > - return ErrorReturnValue; \ > > + @param MinVersion The minimum protocol version that supports > the > > API. > > + > > +**/ > > +#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue, > > MinVersion) \ > > + do { \ > > + EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > + \ > > + CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > \ > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ > > + CryptoServices->GetVersion () >= MinVersion) { \ > > + return (CryptoServices->Function) Args; \ > > + } \ > > + CryptoServiceNotAvailable (#Function); \ > > + return ErrorReturnValue; \ > > } while (FALSE); > > > > /** > > @@ -45,14 +47,16 @@ > > > > @param Function Name of the EDK II Crypto Protocol service to call. > > @param Args The argument list to pass to Function. > > + @param MinVersion The minimum protocol version that supports > the > > API. > > > > **/ > > -#define CALL_VOID_CRYPTO_SERVICE(Function, Args) \ > > +#define CALL_VOID_CRYPTO_SERVICE(Function, Args, MinVersion) \ > > do { \ > > EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > \ > > CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ > > + CryptoServices->GetVersion () >= MinVersion) { \ > > (CryptoServices->Function) Args; \ > > return; \ > > } \ > > @@ -116,7 +120,7 @@ Md5GetContextSize ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0); > > + CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0, 7); > > } > > > > /** > > @@ -139,7 +143,7 @@ Md5Init ( > > OUT VOID *Md5Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE); > > + CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE, 7); > > } > > > > /** > > @@ -164,7 +168,7 @@ Md5Duplicate ( > > OUT VOID *NewMd5Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), > > FALSE); > > + CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), > > FALSE, 7); > > } > > > > /** > > @@ -195,7 +199,7 @@ Md5Update ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > FALSE); > > + CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > FALSE, > > 7); > > } > > > > /** > > @@ -227,7 +231,7 @@ Md5Final ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE); > > + CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE, 7); > > } > > > > /** > > @@ -256,7 +260,7 @@ Md5HashAll ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE); > > + CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE, > > 7); > > } > > > > #endif > > @@ -278,7 +282,7 @@ Sha1GetContextSize ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0); > > + CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0, 7); > > } > > > > /** > > @@ -301,7 +305,7 @@ Sha1Init ( > > OUT VOID *Sha1Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE); > > + CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE, 7); > > } > > > > /** > > @@ -326,7 +330,7 @@ Sha1Duplicate ( > > OUT VOID *NewSha1Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), > > FALSE); > > + CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, NewSha1Context), > > FALSE, 7); > > } > > > > /** > > @@ -357,7 +361,7 @@ Sha1Update ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > > FALSE); > > + CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > FALSE, > > 7); > > } > > > > /** > > @@ -389,7 +393,7 @@ Sha1Final ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE); > > + CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE, 7); > > } > > > > /** > > @@ -418,7 +422,7 @@ Sha1HashAll ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), > FALSE); > > + CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE, > > 7); > > } > > > > #endif > > @@ -435,7 +439,7 @@ Sha256GetContextSize ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0); > > + CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0, 7); > > } > > > > /** > > @@ -456,7 +460,7 @@ Sha256Init ( > > OUT VOID *Sha256Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE); > > + CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE, 7); > > } > > > > /** > > @@ -481,7 +485,7 @@ Sha256Duplicate ( > > OUT VOID *NewSha256Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > NewSha256Context), FALSE); > > + CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > NewSha256Context), FALSE, 7); > > } > > > > /** > > @@ -510,7 +514,7 @@ Sha256Update ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), > > FALSE); > > + CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, DataSize), > > FALSE, 7); > > } > > > > /** > > @@ -540,7 +544,7 @@ Sha256Final ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), > FALSE); > > + CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), FALSE, > > 7); > > } > > > > /** > > @@ -569,7 +573,7 @@ Sha256HashAll ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > FALSE); > > + CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > FALSE, 7); > > } > > > > /** > > @@ -584,7 +588,7 @@ Sha384GetContextSize ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0); > > + CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0, 7); > > } > > > > /** > > @@ -605,7 +609,7 @@ Sha384Init ( > > OUT VOID *Sha384Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE); > > + CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE, 7); > > } > > > > /** > > @@ -630,7 +634,7 @@ Sha384Duplicate ( > > OUT VOID *NewSha384Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > NewSha384Context), FALSE); > > + CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > NewSha384Context), FALSE, 7); > > } > > > > /** > > @@ -659,7 +663,7 @@ Sha384Update ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), > > FALSE); > > + CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, DataSize), > > FALSE, 7); > > } > > > > /** > > @@ -689,7 +693,7 @@ Sha384Final ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), > FALSE); > > + CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), FALSE, > > 7); > > } > > > > /** > > @@ -718,7 +722,7 @@ Sha384HashAll ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > FALSE); > > + CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > FALSE, 7); > > } > > > > /** > > @@ -733,7 +737,7 @@ Sha512GetContextSize ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0); > > + CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0, 7); > > } > > > > /** > > @@ -754,7 +758,7 @@ Sha512Init ( > > OUT VOID *Sha512Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE); > > + CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE, 7); > > } > > > > /** > > @@ -779,7 +783,7 @@ Sha512Duplicate ( > > OUT VOID *NewSha512Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > NewSha512Context), FALSE); > > + CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > NewSha512Context), FALSE, 7); > > } > > > > /** > > @@ -808,7 +812,7 @@ Sha512Update ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), > > FALSE); > > + CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, DataSize), > > FALSE, 7); > > } > > > > /** > > @@ -838,7 +842,7 @@ Sha512Final ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), > FALSE); > > + CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), FALSE, > > 7); > > } > > > > /** > > @@ -867,7 +871,7 @@ Sha512HashAll ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > FALSE); > > + CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > FALSE, 7); > > } > > > > /** > > @@ -899,7 +903,7 @@ ParallelHash256HashAll ( > > IN UINTN CustomByteLen > > ) > > { > > - CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE); > > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE, > 8); > > } > > > > /** > > @@ -914,7 +918,7 @@ Sm3GetContextSize ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0); > > + CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0, 7); > > } > > > > /** > > @@ -935,7 +939,7 @@ Sm3Init ( > > OUT VOID *Sm3Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE); > > + CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE, 7); > > } > > > > /** > > @@ -960,7 +964,7 @@ Sm3Duplicate ( > > OUT VOID *NewSm3Context > > ) > > { > > - CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > > FALSE); > > + CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > > FALSE, 7); > > } > > > > /** > > @@ -989,7 +993,7 @@ Sm3Update ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > FALSE); > > + CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > FALSE, > > 7); > > } > > > > /** > > @@ -1019,7 +1023,7 @@ Sm3Final ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE); > > + CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE, 7); > > } > > > > /** > > @@ -1048,7 +1052,7 @@ Sm3HashAll ( > > OUT UINT8 *HashValue > > ) > > { > > - CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE); > > + CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), FALSE, > > 7); > > } > > > > // > > > ================================================================ > > ===================== > > @@ -1068,7 +1072,7 @@ HmacSha256New ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL); > > + CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL, 7); > > } > > > > /** > > @@ -1083,7 +1087,7 @@ HmacSha256Free ( > > IN VOID *HmacSha256Ctx > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx)); > > + CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx), 7); > > } > > > > /** > > @@ -1110,7 +1114,7 @@ HmacSha256SetKey ( > > IN UINTN KeySize > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > > KeySize), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > > KeySize), FALSE, 7); > > } > > > > /** > > @@ -1135,7 +1139,7 @@ HmacSha256Duplicate ( > > OUT VOID *NewHmacSha256Context > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > NewHmacSha256Context), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > NewHmacSha256Context), FALSE, 7); > > } > > > > /** > > @@ -1166,7 +1170,7 @@ HmacSha256Update ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, Data, > > DataSize), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, > Data, > > DataSize), FALSE, 7); > > } > > > > /** > > @@ -1198,7 +1202,7 @@ HmacSha256Final ( > > OUT UINT8 *HmacValue > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > HmacValue), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > HmacValue), FALSE, 7); > > } > > > > /** > > @@ -1231,7 +1235,7 @@ HmacSha256All ( > > OUT UINT8 *HmacValue > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > HmacValue), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > HmacValue), FALSE, 9); > > } > > > > /** > > @@ -1247,7 +1251,7 @@ HmacSha384New ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); > > + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL, 9); > > } > > > > /** > > @@ -1262,7 +1266,7 @@ HmacSha384Free ( > > IN VOID *HmacSha384Ctx > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); > > + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx), 9); > > } > > > > /** > > @@ -1289,7 +1293,7 @@ HmacSha384SetKey ( > > IN UINTN KeySize > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > > KeySize), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > > KeySize), FALSE, 9); > > } > > > > /** > > @@ -1314,7 +1318,7 @@ HmacSha384Duplicate ( > > OUT VOID *NewHmacSha384Context > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > NewHmacSha384Context), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > NewHmacSha384Context), FALSE, 9); > > } > > > > /** > > @@ -1345,7 +1349,7 @@ HmacSha384Update ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, > > DataSize), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, > Data, > > DataSize), FALSE, 9); > > } > > > > /** > > @@ -1377,7 +1381,7 @@ HmacSha384Final ( > > OUT UINT8 *HmacValue > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > HmacValue), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > HmacValue), FALSE, 9); > > } > > > > /** > > @@ -1410,7 +1414,7 @@ HmacSha384All ( > > OUT UINT8 *HmacValue > > ) > > { > > - CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > HmacValue), FALSE); > > + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > HmacValue), FALSE, 9); > > } > > > > // > > > ================================================================ > > ===================== > > @@ -1432,7 +1436,7 @@ AesGetContextSize ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0); > > + CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0, 7); > > } > > > > /** > > @@ -1465,7 +1469,7 @@ AesInit ( > > IN UINTN KeyLength > > ) > > { > > - CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE); > > + CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE, 7); > > } > > > > /** > > @@ -1507,7 +1511,7 @@ AesCbcEncrypt ( > > OUT UINT8 *Output > > ) > > { > > - CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > Ivec, > > Output), FALSE); > > + CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > Ivec, > > Output), FALSE, 7); > > } > > > > /** > > @@ -1549,7 +1553,7 @@ AesCbcDecrypt ( > > OUT UINT8 *Output > > ) > > { > > - CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > Ivec, > > Output), FALSE); > > + CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > > Ivec, Output), FALSE, 7); > > } > > > > // > > > ================================================================ > > ===================== > > @@ -1597,7 +1601,7 @@ AeadAesGcmEncrypt ( > > OUT UINTN *DataOutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > DataOutSize), FALSE); > > + CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > DataOutSize), FALSE, 11); > > } > > > > /** > > @@ -1642,7 +1646,7 @@ AeadAesGcmDecrypt ( > > OUT UINTN *DataOutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), > > FALSE); > > + CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, DataOutSize), > > FALSE, 11); > > } > > > > // > > > ================================================================ > > ===================== > > @@ -1662,7 +1666,7 @@ RsaNew ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaNew, (), NULL); > > + CALL_CRYPTO_SERVICE (RsaNew, (), NULL, 7); > > } > > > > /** > > @@ -1679,7 +1683,7 @@ RsaFree ( > > IN VOID *RsaContext > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext)); > > + CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext), 7); > > } > > > > /** > > @@ -1713,7 +1717,7 @@ RsaSetKey ( > > IN UINTN BnSize > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > BnSize), FALSE); > > + CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > BnSize), FALSE, 7); > > } > > > > /** > > @@ -1753,7 +1757,7 @@ RsaGetKey ( > > IN OUT UINTN *BnSize > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > BnSize), FALSE); > > + CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > BnSize), FALSE, 7); > > } > > > > /** > > @@ -1788,7 +1792,7 @@ RsaGenerateKey ( > > IN UINTN PublicExponentSize > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > > PublicExponent, PublicExponentSize), FALSE); > > + CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > > PublicExponent, PublicExponentSize), FALSE, 7); > > } > > > > /** > > @@ -1818,7 +1822,7 @@ RsaCheckKey ( > > IN VOID *RsaContext > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE); > > + CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE, 7); > > } > > > > /** > > @@ -1858,7 +1862,7 @@ RsaPkcs1Sign ( > > IN OUT UINTN *SigSize > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > HashSize, Signature, SigSize), FALSE); > > + CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > HashSize, Signature, SigSize), FALSE, 7); > > } > > > > /** > > @@ -1890,7 +1894,7 @@ RsaPkcs1Verify ( > > IN UINTN SigSize > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > HashSize, Signature, SigSize), FALSE); > > + CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > HashSize, Signature, SigSize), FALSE, 7); > > } > > > > /** > > @@ -1923,7 +1927,7 @@ RsaPssVerify ( > > IN UINT16 SaltLen > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > Signature, SigSize, DigestLen, SaltLen), FALSE); > > + CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > Signature, SigSize, DigestLen, SaltLen), FALSE, 7); > > } > > > > /** > > @@ -1968,7 +1972,7 @@ RsaPssSign ( > > IN OUT UINTN *SigSize > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > DigestLen, SaltLen, Signature, SigSize), FALSE); > > + CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > DigestLen, SaltLen, Signature, SigSize), FALSE, 7); > > } > > > > /** > > @@ -1999,7 +2003,7 @@ RsaGetPrivateKeyFromPem ( > > OUT VOID **RsaContext > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, > > Password, RsaContext), FALSE); > > + CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, PemSize, > > Password, RsaContext), FALSE, 7); > > } > > > > /** > > @@ -2028,7 +2032,7 @@ RsaGetPublicKeyFromX509 ( > > OUT VOID **RsaContext > > ) > > { > > - CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > RsaContext), FALSE); > > + CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > RsaContext), FALSE, 7); > > } > > > > /** > > @@ -2059,7 +2063,7 @@ X509GetSubjectName ( > > IN OUT UINTN *SubjectSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > CertSubject, > > SubjectSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > CertSubject, > > SubjectSize), FALSE, 7); > > } > > > > /** > > @@ -2097,7 +2101,7 @@ X509GetCommonName ( > > IN OUT UINTN *CommonNameSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > CommonName, CommonNameSize), RETURN_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > CommonName, CommonNameSize), RETURN_UNSUPPORTED, 7); > > } > > > > /** > > @@ -2135,7 +2139,7 @@ X509GetOrganizationName ( > > IN OUT UINTN *NameBufferSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED, 7); > > } > > > > /** > > @@ -2165,7 +2169,7 @@ X509VerifyCert ( > > IN UINTN CACertSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > CACertSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > CACertSize), FALSE, 7); > > } > > > > /** > > @@ -2192,7 +2196,7 @@ X509ConstructCertificate ( > > OUT UINT8 **SingleX509Cert > > ) > > { > > - CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > SingleX509Cert), FALSE); > > + CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > SingleX509Cert), FALSE, 7); > > } > > > > /** > > @@ -2256,7 +2260,7 @@ X509ConstructCertificateStackV ( > > IN VA_LIST Args > > ) > > { > > - CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > Args), > > FALSE); > > + CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > Args), > > FALSE, 7); > > } > > > > /** > > @@ -2273,7 +2277,7 @@ X509Free ( > > IN VOID *X509Cert > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert)); > > + CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert), 7); > > } > > > > /** > > @@ -2290,7 +2294,7 @@ X509StackFree ( > > IN VOID *X509Stack > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack)); > > + CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack), 7); > > } > > > > /** > > @@ -2319,7 +2323,7 @@ X509GetTBSCert ( > > OUT UINTN *TBSCertSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > TBSCertSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > TBSCertSize), FALSE, 7); > > } > > > > /** > > @@ -2346,7 +2350,7 @@ X509GetVersion ( > > OUT UINTN *Version > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE, > > 16); > > } > > > > /** > > @@ -2381,7 +2385,7 @@ X509GetSerialNumber ( > > IN OUT UINTN *SerialNumberSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > SerialNumber, SerialNumberSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > SerialNumber, SerialNumberSize), FALSE, 16); > > } > > > > /** > > @@ -2412,7 +2416,7 @@ X509GetIssuerName ( > > IN OUT UINTN *CertIssuerSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, > > CertIssuerSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, > > CertIssuerSize), FALSE, 16); > > } > > > > /** > > @@ -2442,7 +2446,7 @@ X509GetSignatureAlgorithm ( > > IN OUT UINTN *OidSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, > > OidSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, > > OidSize), FALSE, 16); > > } > > > > /** > > @@ -2476,7 +2480,7 @@ X509GetExtensionData ( > > IN OUT UINTN *ExtensionDataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > OidSize, ExtensionData, ExtensionDataSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > OidSize, ExtensionData, ExtensionDataSize), FALSE, 16); > > } > > > > /** > > @@ -2505,7 +2509,7 @@ X509GetExtendedKeyUsage ( > > IN OUT UINTN *UsageSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > Usage, > > UsageSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > Usage, > > UsageSize), FALSE, 16); > > } > > > > /** > > @@ -2540,7 +2544,7 @@ X509GetValidity ( > > IN OUT UINTN *ToSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, > > To, ToSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, > > To, ToSize), FALSE, 16); > > } > > > > /** > > @@ -2574,7 +2578,7 @@ X509FormatDateTime ( > > IN OUT UINTN *DateTimeSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > > DateTimeSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > > DateTimeSize), FALSE, 16); > > } > > > > /** > > @@ -2600,7 +2604,7 @@ X509CompareDateTime ( > > IN CONST VOID *DateTime2 > > ) > > { > > - CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > DateTime2), > > FALSE); > > + CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > DateTime2), > > FALSE, 16); > > } > > > > /** > > @@ -2622,7 +2626,7 @@ X509GetKeyUsage ( > > OUT UINTN *Usage > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE, > > 16); > > } > > > > /** > > @@ -2650,7 +2654,7 @@ X509VerifyCertChain ( > > IN UINTN CertChainLength > > ) > > { > > - CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, > > CertChain, CertChainLength), FALSE); > > + CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, > > CertChain, CertChainLength), FALSE, 16); > > } > > > > /** > > @@ -2681,7 +2685,7 @@ X509GetCertFromCertChain ( > > OUT UINTN *CertLength > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > CertChainLength, CertIndex, Cert, CertLength), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > CertChainLength, CertIndex, Cert, CertLength), FALSE, 16); > > } > > > > /** > > @@ -2704,7 +2708,7 @@ Asn1GetTag ( > > IN UINT32 Tag > > ) > > { > > - CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE); > > + CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE, 16); > > } > > > > /** > > @@ -2734,7 +2738,7 @@ X509GetExtendedBasicConstraints ( > > UINTN *BasicConstraintsSize > > ) > > { > > - CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > CertSize, > > BasicConstraints, BasicConstraintsSize), FALSE); > > + CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > CertSize, > > BasicConstraints, BasicConstraintsSize), FALSE, 16); > > } > > > > /** > > @@ -2777,7 +2781,7 @@ Pkcs5HashPassword ( > > OUT UINT8 *OutKey > > ) > > { > > - CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > Password, > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE); > > + CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > Password, > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE, 7); > > } > > > > /** > > @@ -2822,7 +2826,7 @@ Pkcs1v2Encrypt ( > > OUT UINTN *EncryptedDataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > FALSE); > > + CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, > InData, > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > FALSE, 7); > > } > > > > /** > > @@ -2862,7 +2866,7 @@ Pkcs7GetSigners ( > > OUT UINTN *CertLength > > ) > > { > > - CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > > StackLength, TrustedCert, CertLength), FALSE); > > + CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > > StackLength, TrustedCert, CertLength), FALSE, 7); > > } > > > > /** > > @@ -2879,7 +2883,7 @@ Pkcs7FreeSigners ( > > IN UINT8 *Certs > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs)); > > + CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs), 7); > > } > > > > /** > > @@ -2915,7 +2919,7 @@ Pkcs7GetCertificatesList ( > > OUT UINTN *UnchainLength > > ) > > { > > - CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE); > > + CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE, 7); > > } > > > > /** > > @@ -2959,7 +2963,7 @@ Pkcs7Sign ( > > OUT UINTN *SignedDataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > SignedDataSize), FALSE); > > + CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > SignedDataSize), FALSE, 7); > > } > > > > /** > > @@ -2995,7 +2999,7 @@ Pkcs7Verify ( > > IN UINTN DataLength > > ) > > { > > - CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > CertLength, InData, DataLength), FALSE); > > + CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > CertLength, InData, DataLength), FALSE, 7); > > } > > > > /** > > @@ -3040,7 +3044,7 @@ VerifyEKUsInPkcs7Signature ( > > IN BOOLEAN RequireAllPresent > > ) > > { > > - CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE); > > + CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE, > > 7); > > } > > > > /** > > @@ -3072,7 +3076,7 @@ Pkcs7GetAttachedContent ( > > OUT UINTN *ContentSize > > ) > > { > > - CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > > Content, ContentSize), FALSE); > > + CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > > Content, ContentSize), FALSE, 7); > > } > > > > /** > > @@ -3110,7 +3114,7 @@ AuthenticodeVerify ( > > IN UINTN HashSize > > ) > > { > > - CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > TrustedCert, CertSize, ImageHash, HashSize), FALSE); > > + CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > TrustedCert, CertSize, ImageHash, HashSize), FALSE, 7); > > } > > > > /** > > @@ -3143,7 +3147,7 @@ ImageTimestampVerify ( > > OUT EFI_TIME *SigningTime > > ) > > { > > - CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > TsaCert, CertSize, SigningTime), FALSE); > > + CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > TsaCert, CertSize, SigningTime), FALSE, 7); > > } > > > > // > > > ================================================================ > > ===================== > > @@ -3164,7 +3168,7 @@ DhNew ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (DhNew, (), NULL); > > + CALL_CRYPTO_SERVICE (DhNew, (), NULL, 7); > > } > > > > /** > > @@ -3181,7 +3185,7 @@ DhFree ( > > IN VOID *DhContext > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext)); > > + CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext), 7); > > } > > > > /** > > @@ -3217,7 +3221,7 @@ DhGenerateParameter ( > > OUT UINT8 *Prime > > ) > > { > > - CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > > PrimeLength, Prime), FALSE); > > + CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > > PrimeLength, Prime), FALSE, 7); > > } > > > > /** > > @@ -3252,7 +3256,7 @@ DhSetParameter ( > > IN CONST UINT8 *Prime > > ) > > { > > - CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > PrimeLength, Prime), FALSE); > > + CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > PrimeLength, Prime), FALSE, 7); > > } > > > > /** > > @@ -3287,7 +3291,7 @@ DhGenerateKey ( > > IN OUT UINTN *PublicKeySize > > ) > > { > > - CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > PublicKeySize), FALSE); > > + CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > PublicKeySize), FALSE, 7); > > } > > > > /** > > @@ -3326,7 +3330,7 @@ DhComputeKey ( > > IN OUT UINTN *KeySize > > ) > > { > > - CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > PeerPublicKeySize, Key, KeySize), FALSE); > > + CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > PeerPublicKeySize, Key, KeySize), FALSE, 7); > > } > > > > // > > > ================================================================ > > ===================== > > @@ -3358,7 +3362,7 @@ RandomSeed ( > > IN UINTN SeedSize > > ) > > { > > - CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE); > > + CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE, 7); > > } > > > > /** > > @@ -3382,7 +3386,7 @@ RandomBytes ( > > IN UINTN Size > > ) > > { > > - CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); > > + CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE, 7); > > } > > > > // > > > ================================================================ > > ===================== > > @@ -3418,7 +3422,7 @@ HkdfSha256ExtractAndExpand ( > > IN UINTN OutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > Salt, > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > + CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > Salt, > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 7); > > } > > > > /** > > @@ -3446,7 +3450,7 @@ HkdfSha256Extract ( > > UINTN PrkOutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > > PrkOut, PrkOutSize), FALSE); > > + CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > > PrkOut, PrkOutSize), FALSE, 10); > > } > > > > /** > > @@ -3474,7 +3478,7 @@ HkdfSha256Expand ( > > IN UINTN OutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, > > Out, OutSize), FALSE); > > + CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, > > Out, OutSize), FALSE, 10); > > } > > > > /** > > @@ -3506,7 +3510,7 @@ HkdfSha384ExtractAndExpand ( > > IN UINTN OutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > Salt, > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > + CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > Salt, > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 10); > > } > > > > /** > > @@ -3534,7 +3538,7 @@ HkdfSha384Extract ( > > UINTN PrkOutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > > PrkOut, PrkOutSize), FALSE); > > + CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > > PrkOut, PrkOutSize), FALSE, 10); > > } > > > > /** > > @@ -3562,7 +3566,7 @@ HkdfSha384Expand ( > > IN UINTN OutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, > > Out, OutSize), FALSE); > > + CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, > > Out, OutSize), FALSE, 10); > > } > > > > /** > > @@ -3582,7 +3586,7 @@ TlsInitialize ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE); > > + CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE, 7); > > } > > > > /** > > @@ -3597,7 +3601,7 @@ TlsCtxFree ( > > IN VOID *TlsCtx > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx)); > > + CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx), 7); > > } > > > > /** > > @@ -3618,7 +3622,7 @@ TlsCtxNew ( > > IN UINT8 MinorVer > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL); > > + CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL, 7); > > } > > > > /** > > @@ -3636,7 +3640,7 @@ TlsFree ( > > IN VOID *Tls > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls)); > > + CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls), 7); > > } > > > > /** > > @@ -3658,7 +3662,7 @@ TlsNew ( > > IN VOID *TlsCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL); > > + CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL, 7); > > } > > > > /** > > @@ -3678,7 +3682,7 @@ TlsInHandshake ( > > IN VOID *Tls > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE); > > + CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE, 7); > > } > > > > /** > > @@ -3717,7 +3721,7 @@ TlsDoHandshake ( > > IN OUT UINTN *BufferOutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -3755,7 +3759,7 @@ TlsHandleAlert ( > > IN OUT UINTN *BufferOutSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -3784,7 +3788,7 @@ TlsCloseNotify ( > > IN OUT UINTN *BufferSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -3809,7 +3813,7 @@ TlsCtrlTrafficOut ( > > IN UINTN BufferSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0); > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0, 7); > > } > > > > /** > > @@ -3834,7 +3838,7 @@ TlsCtrlTrafficIn ( > > IN UINTN BufferSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0); > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0, 7); > > } > > > > /** > > @@ -3860,7 +3864,7 @@ TlsRead ( > > IN UINTN BufferSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0); > > + CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0, 7); > > } > > > > /** > > @@ -3886,7 +3890,7 @@ TlsWrite ( > > IN UINTN BufferSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0); > > + CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0, 7); > > } > > > > /** > > @@ -3908,7 +3912,7 @@ TlsShutdown ( > > IN VOID *Tls > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED, 14); > > } > > > > /** > > @@ -3933,7 +3937,7 @@ TlsSetVersion ( > > IN UINT8 MinorVer > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -3956,7 +3960,7 @@ TlsSetConnectionEnd ( > > IN BOOLEAN IsServer > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -3985,7 +3989,7 @@ TlsSetCipherList ( > > IN UINTN CipherNum > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4006,7 +4010,7 @@ TlsSetCompressionMethod ( > > IN UINT8 CompMethod > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4025,7 +4029,7 @@ TlsSetVerify ( > > IN UINT32 VerifyMode > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode)); > > + CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode), 7); > > } > > > > /** > > @@ -4048,7 +4052,7 @@ TlsSetVerifyHost ( > > IN CHAR8 *HostName > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4074,7 +4078,7 @@ TlsSetSessionId ( > > IN UINT16 SessionIdLen > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4102,7 +4106,7 @@ TlsSetCaCertificate ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4130,7 +4134,7 @@ TlsSetHostPublicCert ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4160,7 +4164,7 @@ TlsSetHostPrivateKeyEx ( > > IN VOID *Password OPTIONAL > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > Password), EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > Password), EFI_UNSUPPORTED, 14); > > } > > > > /** > > @@ -4187,7 +4191,7 @@ TlsSetHostPrivateKey ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > EFI_UNSUPPORTED, 14); > > } > > > > /** > > @@ -4211,7 +4215,7 @@ TlsSetCertRevocationList ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4239,7 +4243,7 @@ TlsSetSignatureAlgoList ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > EFI_UNSUPPORTED, 14); > > } > > > > /** > > @@ -4264,7 +4268,7 @@ TlsSetEcCurve ( > > IN UINTN DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsSetEcCurve, (Tls, Data, DataSize), > > EFI_UNSUPPORTED, 14); > > } > > > > /** > > @@ -4286,7 +4290,7 @@ TlsGetVersion ( > > IN VOID *Tls > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0); > > + CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0, 7); > > } > > > > /** > > @@ -4308,7 +4312,7 @@ TlsGetConnectionEnd ( > > IN VOID *Tls > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0); > > + CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0, 7); > > } > > > > /** > > @@ -4332,7 +4336,7 @@ TlsGetCurrentCipher ( > > IN OUT UINT16 *CipherId > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4358,7 +4362,7 @@ TlsGetCurrentCompressionId ( > > IN OUT UINT8 *CompressionId > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > CompressionId), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > > CompressionId), EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4380,7 +4384,7 @@ TlsGetVerify ( > > IN VOID *Tls > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0); > > + CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0, 7); > > } > > > > /** > > @@ -4406,7 +4410,7 @@ TlsGetSessionId ( > > IN OUT UINT16 *SessionIdLen > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4427,7 +4431,7 @@ TlsGetClientRandom ( > > IN OUT UINT8 *ClientRandom > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom)); > > + CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, ClientRandom), > > 7); > > } > > > > /** > > @@ -4448,7 +4452,7 @@ TlsGetServerRandom ( > > IN OUT UINT8 *ServerRandom > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > ServerRandom)); > > + CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > ServerRandom), > > 7); > > } > > > > /** > > @@ -4472,7 +4476,7 @@ TlsGetKeyMaterial ( > > IN OUT UINT8 *KeyMaterial > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4499,7 +4503,7 @@ TlsGetCaCertificate ( > > IN OUT UINTN *DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4527,7 +4531,7 @@ TlsGetHostPublicCert ( > > IN OUT UINTN *DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4554,7 +4558,7 @@ TlsGetHostPrivateKey ( > > IN OUT UINTN *DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4579,7 +4583,7 @@ TlsGetCertRevocationList ( > > IN OUT UINTN *DataSize > > ) > > { > > - CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > EFI_UNSUPPORTED); > > + CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > EFI_UNSUPPORTED, 7); > > } > > > > /** > > @@ -4615,7 +4619,8 @@ TlsGetExportKey ( > > TlsGetExportKey, > > (Tls, Label, Context, ContextLen, > > KeyBuffer, KeyBufferLen), > > - EFI_UNSUPPORTED > > + EFI_UNSUPPORTED, > > + 14 > > ); > > } > > > > @@ -4634,7 +4639,7 @@ BigNumInit ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); > > + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL, 12); > > } > > > > /** > > @@ -4652,7 +4657,7 @@ BigNumFromBin ( > > IN UINTN Len > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); > > + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL, 12); > > } > > > > /** > > @@ -4671,7 +4676,7 @@ BigNumToBin ( > > OUT UINT8 *Buf > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); > > + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1, 12); > > } > > > > /** > > @@ -4687,7 +4692,7 @@ BigNumFree ( > > IN BOOLEAN Clear > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); > > + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear), 12); > > } > > > > /** > > @@ -4710,7 +4715,7 @@ BigNumAdd ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE, 12); > > } > > > > /** > > @@ -4733,7 +4738,7 @@ BigNumSub ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE, 12); > > } > > > > /** > > @@ -4756,7 +4761,7 @@ BigNumMod ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE, 12); > > } > > > > /** > > @@ -4781,7 +4786,7 @@ BigNumExpMod ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), FALSE, > > 12); > > } > > > > /** > > @@ -4804,7 +4809,7 @@ BigNumInverseMod ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE, > > 12); > > } > > > > /** > > @@ -4827,7 +4832,7 @@ BigNumDiv ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE, 12); > > } > > > > /** > > @@ -4852,7 +4857,7 @@ BigNumMulMod ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), > FALSE); > > + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), FALSE, > > 12); > > } > > > > /** > > @@ -4872,7 +4877,7 @@ BigNumCmp ( > > IN CONST VOID *BnB > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); > > + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0, 12); > > } > > > > /** > > @@ -4888,7 +4893,7 @@ BigNumBits ( > > IN CONST VOID *Bn > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); > > + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0, 12); > > } > > > > /** > > @@ -4904,7 +4909,7 @@ BigNumBytes ( > > IN CONST VOID *Bn > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); > > + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0, 12); > > } > > > > /** > > @@ -4923,7 +4928,7 @@ BigNumIsWord ( > > IN UINTN Num > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE, 12); > > } > > > > /** > > @@ -4940,7 +4945,7 @@ BigNumIsOdd ( > > IN CONST VOID *Bn > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE, 12); > > } > > > > /** > > @@ -4959,7 +4964,7 @@ BigNumCopy ( > > IN CONST VOID *BnSrc > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); > > + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL, 12); > > } > > > > /** > > @@ -4974,7 +4979,7 @@ BigNumValueOne ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); > > + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL, 12); > > } > > > > /** > > @@ -4997,7 +5002,7 @@ BigNumRShift ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE, 12); > > } > > > > /** > > @@ -5013,7 +5018,7 @@ BigNumConstTime ( > > IN VOID *Bn > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn)); > > + CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn), 12); > > } > > > > /** > > @@ -5036,7 +5041,7 @@ BigNumSqrMod ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE, 12); > > } > > > > /** > > @@ -5052,7 +5057,7 @@ BigNumNewContext ( > > VOID > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); > > + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL, 12); > > } > > > > /** > > @@ -5066,7 +5071,7 @@ BigNumContextFree ( > > IN VOID *BnCtx > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); > > + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx), 12); > > } > > > > /** > > @@ -5085,7 +5090,7 @@ BigNumSetUint ( > > IN UINTN Val > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE); > > + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE, 12); > > } > > > > /** > > @@ -5108,7 +5113,7 @@ BigNumAddMod ( > > OUT VOID *BnRes > > ) > > { > > - CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > FALSE); > > + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > FALSE, > > 12); > > } > > > > /** > > @@ -5128,7 +5133,7 @@ EcGroupInit ( > > IN UINTN CryptoNid > > ) > > { > > - CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); > > + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL, 13); > > } > > > > /** > > @@ -5156,7 +5161,7 @@ EcGroupGetCurve ( > > IN VOID *BnCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, > > BnCtx), FALSE); > > + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, > > BnCtx), FALSE, 13); > > } > > > > /** > > @@ -5178,7 +5183,7 @@ EcGroupGetOrder ( > > OUT VOID *BnOrder > > ) > > { > > - CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE); > > + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE, > 13); > > } > > > > /** > > @@ -5192,7 +5197,7 @@ EcGroupFree ( > > IN VOID *EcGroup > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); > > + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup), 13); > > } > > > > /** > > @@ -5210,7 +5215,7 @@ EcPointInit ( > > IN CONST VOID *EcGroup > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); > > + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL, 13); > > } > > > > /** > > @@ -5226,7 +5231,7 @@ EcPointDeInit ( > > IN BOOLEAN Clear > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); > > + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear), 13); > > } > > > > /** > > @@ -5254,7 +5259,7 @@ EcPointGetAffineCoordinates ( > > IN VOID *BnCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, > > BnX, BnY, BnCtx), FALSE); > > + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, > > BnX, BnY, BnCtx), FALSE, 13); > > } > > > > /** > > @@ -5279,7 +5284,7 @@ EcPointSetAffineCoordinates ( > > IN VOID *BnCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, > > BnX, BnY, BnCtx), FALSE); > > + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, > > BnX, BnY, BnCtx), FALSE, 13); > > } > > > > /** > > @@ -5305,7 +5310,7 @@ EcPointAdd ( > > IN VOID *BnCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > > EcPointB, BnCtx), FALSE); > > + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > > EcPointB, BnCtx), FALSE, 13); > > } > > > > /** > > @@ -5331,7 +5336,7 @@ EcPointMul ( > > IN VOID *BnCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > BnPScalar, BnCtx), FALSE); > > + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > BnPScalar, BnCtx), FALSE, 13); > > } > > > > /** > > @@ -5352,7 +5357,7 @@ EcPointInvert ( > > IN VOID *BnCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE); > > + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE, > > 13); > > } > > > > /** > > @@ -5373,7 +5378,7 @@ EcPointIsOnCurve ( > > IN VOID *BnCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > FALSE); > > + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > FALSE, 13); > > } > > > > /** > > @@ -5392,7 +5397,7 @@ EcPointIsAtInfinity ( > > IN CONST VOID *EcPoint > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE); > > + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE, > 13); > > } > > > > /** > > @@ -5415,7 +5420,7 @@ EcPointEqual ( > > IN VOID *BnCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > BnCtx), FALSE); > > + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > BnCtx), FALSE, 13); > > } > > > > /** > > @@ -5445,7 +5450,7 @@ EcPointSetCompressedCoordinates ( > > IN VOID *BnCtx > > ) > > { > > - CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > > EcPoint, BnX, YBit, BnCtx), FALSE); > > + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > > EcPoint, BnX, YBit, BnCtx), FALSE, 13); > > } > > > > /** > > @@ -5462,7 +5467,7 @@ EcNewByNid ( > > IN UINTN Nid > > ) > > { > > - CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); > > + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL, 13); > > } > > > > /** > > @@ -5476,7 +5481,7 @@ EcFree ( > > IN VOID *EcContext > > ) > > { > > - CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); > > + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext), 13); > > } > > > > /** > > @@ -5513,7 +5518,7 @@ EcGenerateKey ( > > IN OUT UINTN *PublicKeySize > > ) > > { > > - CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > PublicKeySize), FALSE); > > + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > PublicKeySize), FALSE, 13); > > } > > > > /** > > @@ -5538,7 +5543,7 @@ EcGetPubKey ( > > IN OUT UINTN *PublicKeySize > > ) > > { > > - CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > PublicKeySize), > > FALSE); > > + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > > PublicKeySize), FALSE, 13); > > } > > > > /** > > @@ -5577,7 +5582,7 @@ EcDhComputeKey ( > > IN OUT UINTN *KeySize > > ) > > { > > - CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE); > > + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE, 13); > > } > > > > /** > > @@ -5604,7 +5609,7 @@ EcGetPublicKeyFromX509 ( > > OUT VOID **EcContext > > ) > > { > > - CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > EcContext), FALSE); > > + CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > EcContext), FALSE, 15); > > } > > > > /** > > @@ -5633,7 +5638,7 @@ EcGetPrivateKeyFromPem ( > > OUT VOID **EcContext > > ) > > { > > - CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > > Password, EcContext), FALSE); > > + CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > > Password, EcContext), FALSE, 15); > > } > > > > /** > > @@ -5676,7 +5681,7 @@ EcDsaSign ( > > IN OUT UINTN *SigSize > > ) > > { > > - CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > > HashSize, Signature, SigSize), FALSE); > > + CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > > HashSize, Signature, SigSize), FALSE, 15); > > } > > > > /** > > @@ -5713,5 +5718,5 @@ EcDsaVerify ( > > IN UINTN SigSize > > ) > > { > > - CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, > > HashSize, Signature, SigSize), FALSE); > > + CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, MessageHash, > > HashSize, Signature, SigSize), FALSE, 15); > > } > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > index dc7527bb01..fe9cdc0d4d 100644 > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > @@ -49,7 +49,6 @@ DxeCryptLibConstructor ( > > ) > > { > > EFI_STATUS Status; > > - UINTN Version; > > > > Status = gBS->LocateProtocol ( > > &gEdkiiCryptoProtocolGuid, > > @@ -65,13 +64,5 @@ DxeCryptLibConstructor ( > > return EFI_NOT_FOUND; > > } > > > > - Version = mCryptoProtocol->GetVersion (); > > - if (Version < EDKII_CRYPTO_VERSION) { > > - DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol unsupported > > version %d\n", Version)); > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > - mCryptoProtocol = NULL; > > - return EFI_NOT_FOUND; > > - } > > - > > return EFI_SUCCESS; > > } > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > index 51f858302f..6ad1d3afe0 100644 > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > @@ -30,7 +30,6 @@ GetCryptoServices ( > > { > > EFI_STATUS Status; > > EDKII_CRYPTO_PPI *CryptoPpi; > > - UINTN Version; > > > > CryptoPpi = NULL; > > Status = PeiServicesLocatePpi ( > > @@ -46,12 +45,5 @@ GetCryptoServices ( > > return NULL; > > } > > > > - Version = CryptoPpi->GetVersion (); > > - if (Version < EDKII_CRYPTO_VERSION) { > > - DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported > > version %d\n", Version)); > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > - return NULL; > > - } > > - > > return (VOID *)CryptoPpi; > > } > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > index be0f44e63b..6c7c75c8a7 100644 > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > @@ -52,7 +52,6 @@ SmmCryptLibConstructor ( > > ) > > { > > EFI_STATUS Status; > > - UINTN Version; > > > > Status = gSmst->SmmLocateProtocol ( > > &gEdkiiSmmCryptoProtocolGuid, > > @@ -67,13 +66,5 @@ SmmCryptLibConstructor ( > > return EFI_NOT_FOUND; > > } > > > > - Version = mSmmCryptoProtocol->GetVersion (); > > - if (Version < EDKII_CRYPTO_VERSION) { > > - DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol > > unsupported version %d\n", Version)); > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > - mSmmCryptoProtocol = NULL; > > - return EFI_NOT_FOUND; > > - } > > - > > return EFI_SUCCESS; > > } > > -- > > 2.31.1.windows.1 > > > > > > > > > > ^ permalink raw reply [flat|nested] 9+ messages in thread
[parent not found: <1737B458A2E4874C.7095@groups.io>]
* Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible [not found] ` <1737B458A2E4874C.7095@groups.io> @ 2023-01-06 12:13 ` Yao, Jiewen 2023-01-06 15:09 ` Li, Yi 0 siblings, 1 reply; 9+ messages in thread From: Yao, Jiewen @ 2023-01-06 12:13 UTC (permalink / raw) To: devel@edk2.groups.io, Yao, Jiewen, Li, Yi1 Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Kinney, Michael D Hi Yi I believe I have some misunderstanding, after I read the definition again. According to https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol/Crypto.h#L24, the version means "The version of the EDK II Crypto Protocol." It is not the version of the implementation. As such, my comment on bug fix does not stand. I am sorry to bring the confusing. With that, I don't have a super strong reason to reject, so far. However, I am still not sure why the CryptoConsumer need link a higher version CryptoLib wrapper, if it wants to work with old CryptoBin. Thank you Yao, Jiewen > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, > Jiewen > Sent: Friday, January 6, 2023 7:21 PM > To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > Michael D <michael.d.kinney@intel.com> > Subject: Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > Perhaps we can ask developers to update the minimum version of CyptoAPI > after bug or security fixes. > > [Jiewen] First, this is a new requirement. Hard to enforce. > Second, if you do this, then you *may* need update the CryptoBin, if > CryptoConsumer is updated. > Third, it is hard to determine *when* to upgrade the MinVersion, especially > when a bug fix is in the dependency module. For example, the code in > CryptoPkg does not update, but the MdePkg update, which may cause the > CryptoBin update. Should we update MinVersion? It will bring a burden to > the one who maintains the MinVersion. > > I believe it will create more potential compatibility problem. > > > One more question: > If you want to update CryptoConsumer, but keep CryptoBin. Why you want > to link a higher version of CryptoLib wrapper? Why not use the old version > CryptoLib wrapper? > > Thank you > Yao, Jiewen > > > -----Original Message----- > > From: Li, Yi1 <yi1.li@intel.com> > > Sent: Friday, January 6, 2023 7:07 PM > > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > > Michael D <michael.d.kinney@intel.com> > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > backward compatible > > > > Hi Jiewen, > > > > Thanks for feedback. > > > > >If you can upgrade the CryptoConsumer, why not upgrade the CryptoBin > at > > the same time? > > > > 1. CryptoConsumer and CryptoBin are usually delivered by different people. > > For example, some features that require CryptoBin are responsible for by > an > > independent team, but Cyptobin is responsible for the platform as part of > > the platform firmware. > > > > 2. In the actual development process, the update of CryptoBin is often > > difficult due to reasons such as binary size or freeze of platform code, > > especially on older platforms, which will cause the feature development > > team to have to maintain multiple feature versions based on different EDK2 > > CyptoPkg. > > > > > But it is NOT TRUE, if you care the implementation of API. Maybe the > higher > > version of an API fixed some bug, or add some new features. > > > > Perhaps we can ask developers to update the minimum version of > CyptoAPI > > after bug or security fixes. > > > > Thanks, > > Yi > > > > -----Original Message----- > > From: Yao, Jiewen <jiewen.yao@intel.com> > > Sent: Friday, January 6, 2023 6:06 PM > > To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > > Michael D <michael.d.kinney@intel.com> > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > backward compatible > > > > Thanks Yi. > > You raised a very interesting question. > > > > + Mike Kinney, to comment from the requirement perspective. > > > > The original design is very simple: CryptoBin.Version >= > > CryptoConsumer.Version. > > > > Now you want to handle the case that: CryptoConsumer.Version > > > CryptoBin.Version, but the CryptoConsumer.Api is already present in > > CryptoBin.Api. > > To me, the hidden assumption is that: As long as an API is present, it will be > > used. The version of the API is not cared. > > > > This is only TRUE, if you only care the API is present or absent. > > But it is NOT TRUE, if you care the implementation of API. Maybe the higher > > version of an API fixed some bug, or add some new features. > > > > I believe this is very dangerous downgrade. I don't recommend we do it. > > Mike, what do you think? > > > > Question to Yi: If you can upgrade the CryptoConsumer, why not upgrade > the > > CryptoBin at the same time? > > > > Thank you > > Yao, Jiewen > > > > > -----Original Message----- > > > From: Li, Yi1 <yi1.li@intel.com> > > > Sent: Wednesday, January 4, 2023 10:03 AM > > > To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com> > > > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J > > > <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, > > > Guomin <guomin.jiang@intel.com> > > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service > API > > > backward compatible > > > > > > Hi, any comments about this BZ and patch? > > > Code link: https://github.com/tianocore/edk2/pull/3787 > > > > > > -----Original Message----- > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Li, Yi > > > Sent: Monday, December 19, 2022 2:24 PM > > > To: devel@edk2.groups.io > > > Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang, > > > Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; > Jiang, > > > Guomin <guomin.jiang@intel.com> > > > Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > > backward compatible > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4197 > > > > > > Using older Crypto protocol will be allowed. > > > Each function wrapper will be annotated to require a minimum required > > > version of the crypto protocol and assert if called when the version is > > > not compatible. > > > Ths minimum version difined as the version when the API was introduced. > > > Details: > > > ///Parallel hash: MinVersion 8 > > > ParallelHash256HashAll, > > > /// HMAC SHA256 (continued): MinVersion 9 > > > HmacSha256All, > > > /// HMAC SHA384: MinVersion 9 > > > HmacSha384New, > > > ... > > > HmacSha384All, > > > /// HKDF (continued): MinVersion 10 > > > HkdfSha256Extract, > > > ... > > > HkdfSha384Expand, > > > /// Aead Aes GCM: MinVersion 11 > > > AeadAesGcmEncrypt, > > > AeadAesGcmDecrypt, > > > /// Big Numbers: MinVersion 12 > > > BigNumInit, > > > ... > > > BigNumAddMod, > > > /// EC: MinVersion 13 > > > EcGroupInit, > > > ... > > > EcDhComputeKey, > > > /// TLS (continued): MinVersion 14 > > > TlsShutdown, > > > ... > > > TlsGetExportKey, > > > /// Ec (Continued): MinVersion 15 > > > EcGetPublicKeyFromX509, > > > ... > > > EcDsaVerify, > > > /// X509 (Continued): MinVersion 16 > > > X509GetVersion, > > > ... > > > X509GetExtendedBasicConstraints > > > /// Others: MinVersion 7 > > > > > > Cc: Jiewen Yao <jiewen.yao@intel.com> > > > Cc: Jian J Wang <jian.j.wang@intel.com> > > > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> > > > Cc: Guomin Jiang <guomin.jiang@intel.com> > > > Signed-off-by: Yi Li <yi1.li@intel.com> > > > --- > > > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 449 +++++++++--------- > > > .../BaseCryptLibOnProtocolPpi/DxeCryptLib.c | 9 - > > > .../BaseCryptLibOnProtocolPpi/PeiCryptLib.c | 8 - > > > .../BaseCryptLibOnProtocolPpi/SmmCryptLib.c | 9 - > > > 4 files changed, 227 insertions(+), 248 deletions(-) > > > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > index 4e31bc278e..e470a0f0d4 100644 > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > @@ -24,18 +24,20 @@ > > > @param Args The argument list to pass to Function. > > > @param ErrorReturnValue The value to return if the protocol is NULL > or > > > the > > > service in the protocol is NULL. > > > - > > > -**/ > > > -#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue) \ > > > - do { \ > > > - EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > - \ > > > - CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > \ > > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > > - return (CryptoServices->Function) Args; \ > > > - } \ > > > - CryptoServiceNotAvailable (#Function); \ > > > - return ErrorReturnValue; \ > > > + @param MinVersion The minimum protocol version that supports > > the > > > API. > > > + > > > +**/ > > > +#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue, > > > MinVersion) \ > > > + do { \ > > > + EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > + \ > > > + CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > > \ > > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && > \ > > > + CryptoServices->GetVersion () >= MinVersion) { \ > > > + return (CryptoServices->Function) Args; \ > > > + } \ > > > + CryptoServiceNotAvailable (#Function); \ > > > + return ErrorReturnValue; \ > > > } while (FALSE); > > > > > > /** > > > @@ -45,14 +47,16 @@ > > > > > > @param Function Name of the EDK II Crypto Protocol service to > call. > > > @param Args The argument list to pass to Function. > > > + @param MinVersion The minimum protocol version that supports > > the > > > API. > > > > > > **/ > > > -#define CALL_VOID_CRYPTO_SERVICE(Function, Args) \ > > > +#define CALL_VOID_CRYPTO_SERVICE(Function, Args, MinVersion) > \ > > > do { \ > > > EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > \ > > > CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ > > > + CryptoServices->GetVersion () >= MinVersion) { \ > > > (CryptoServices->Function) Args; \ > > > return; \ > > > } \ > > > @@ -116,7 +120,7 @@ Md5GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -139,7 +143,7 @@ Md5Init ( > > > OUT VOID *Md5Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -164,7 +168,7 @@ Md5Duplicate ( > > > OUT VOID *NewMd5Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, > NewMd5Context), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -195,7 +199,7 @@ Md5Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -227,7 +231,7 @@ Md5Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE); > > > + CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE, 7); > > > } > > > > > > /** > > > @@ -256,7 +260,7 @@ Md5HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), > FALSE); > > > + CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), > FALSE, > > > 7); > > > } > > > > > > #endif > > > @@ -278,7 +282,7 @@ Sha1GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -301,7 +305,7 @@ Sha1Init ( > > > OUT VOID *Sha1Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -326,7 +330,7 @@ Sha1Duplicate ( > > > OUT VOID *NewSha1Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, > NewSha1Context), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, > NewSha1Context), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -357,7 +361,7 @@ Sha1Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -389,7 +393,7 @@ Sha1Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE, > 7); > > > } > > > > > > /** > > > @@ -418,7 +422,7 @@ Sha1HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), > FALSE, > > > 7); > > > } > > > > > > #endif > > > @@ -435,7 +439,7 @@ Sha256GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -456,7 +460,7 @@ Sha256Init ( > > > OUT VOID *Sha256Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -481,7 +485,7 @@ Sha256Duplicate ( > > > OUT VOID *NewSha256Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > > NewSha256Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > > NewSha256Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -510,7 +514,7 @@ Sha256Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, > DataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, > DataSize), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -540,7 +544,7 @@ Sha256Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -569,7 +573,7 @@ Sha256HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -584,7 +588,7 @@ Sha384GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -605,7 +609,7 @@ Sha384Init ( > > > OUT VOID *Sha384Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -630,7 +634,7 @@ Sha384Duplicate ( > > > OUT VOID *NewSha384Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > > NewSha384Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > > NewSha384Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -659,7 +663,7 @@ Sha384Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, > DataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, > DataSize), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -689,7 +693,7 @@ Sha384Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -718,7 +722,7 @@ Sha384HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -733,7 +737,7 @@ Sha512GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -754,7 +758,7 @@ Sha512Init ( > > > OUT VOID *Sha512Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -779,7 +783,7 @@ Sha512Duplicate ( > > > OUT VOID *NewSha512Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > > NewSha512Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > > NewSha512Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -808,7 +812,7 @@ Sha512Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, > DataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, > DataSize), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -838,7 +842,7 @@ Sha512Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -867,7 +871,7 @@ Sha512HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -899,7 +903,7 @@ ParallelHash256HashAll ( > > > IN UINTN CustomByteLen > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), > FALSE); > > > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE, > > 8); > > > } > > > > > > /** > > > @@ -914,7 +918,7 @@ Sm3GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -935,7 +939,7 @@ Sm3Init ( > > > OUT VOID *Sm3Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -960,7 +964,7 @@ Sm3Duplicate ( > > > OUT VOID *NewSm3Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -989,7 +993,7 @@ Sm3Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -1019,7 +1023,7 @@ Sm3Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE, 7); > > > } > > > > > > /** > > > @@ -1048,7 +1052,7 @@ Sm3HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), > FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), > FALSE, > > > 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -1068,7 +1072,7 @@ HmacSha256New ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL); > > > + CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL, 7); > > > } > > > > > > /** > > > @@ -1083,7 +1087,7 @@ HmacSha256Free ( > > > IN VOID *HmacSha256Ctx > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx)); > > > + CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx), 7); > > > } > > > > > > /** > > > @@ -1110,7 +1114,7 @@ HmacSha256SetKey ( > > > IN UINTN KeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > > > KeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > > > KeySize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1135,7 +1139,7 @@ HmacSha256Duplicate ( > > > OUT VOID *NewHmacSha256Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > > NewHmacSha256Context), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > > NewHmacSha256Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -1166,7 +1170,7 @@ HmacSha256Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, > Data, > > > DataSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, > > Data, > > > DataSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1198,7 +1202,7 @@ HmacSha256Final ( > > > OUT UINT8 *HmacValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > > HmacValue), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > > HmacValue), FALSE, 7); > > > } > > > > > > /** > > > @@ -1231,7 +1235,7 @@ HmacSha256All ( > > > OUT UINT8 *HmacValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > > HmacValue), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > > HmacValue), FALSE, 9); > > > } > > > > > > /** > > > @@ -1247,7 +1251,7 @@ HmacSha384New ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); > > > + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL, 9); > > > } > > > > > > /** > > > @@ -1262,7 +1266,7 @@ HmacSha384Free ( > > > IN VOID *HmacSha384Ctx > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); > > > + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx), 9); > > > } > > > > > > /** > > > @@ -1289,7 +1293,7 @@ HmacSha384SetKey ( > > > IN UINTN KeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > > > KeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > > > KeySize), FALSE, 9); > > > } > > > > > > /** > > > @@ -1314,7 +1318,7 @@ HmacSha384Duplicate ( > > > OUT VOID *NewHmacSha384Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > > NewHmacSha384Context), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > > NewHmacSha384Context), FALSE, 9); > > > } > > > > > > /** > > > @@ -1345,7 +1349,7 @@ HmacSha384Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, > Data, > > > DataSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, > > Data, > > > DataSize), FALSE, 9); > > > } > > > > > > /** > > > @@ -1377,7 +1381,7 @@ HmacSha384Final ( > > > OUT UINT8 *HmacValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > > HmacValue), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > > HmacValue), FALSE, 9); > > > } > > > > > > /** > > > @@ -1410,7 +1414,7 @@ HmacSha384All ( > > > OUT UINT8 *HmacValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > > HmacValue), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > > HmacValue), FALSE, 9); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -1432,7 +1436,7 @@ AesGetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -1465,7 +1469,7 @@ AesInit ( > > > IN UINTN KeyLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE); > > > + CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE, > 7); > > > } > > > > > > /** > > > @@ -1507,7 +1511,7 @@ AesCbcEncrypt ( > > > OUT UINT8 *Output > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > > Ivec, > > > Output), FALSE); > > > + CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > > Ivec, > > > Output), FALSE, 7); > > > } > > > > > > /** > > > @@ -1549,7 +1553,7 @@ AesCbcDecrypt ( > > > OUT UINT8 *Output > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > > Ivec, > > > Output), FALSE); > > > + CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > > > Ivec, Output), FALSE, 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -1597,7 +1601,7 @@ AeadAesGcmEncrypt ( > > > OUT UINTN *DataOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > > DataOutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > > DataOutSize), FALSE, 11); > > > } > > > > > > /** > > > @@ -1642,7 +1646,7 @@ AeadAesGcmDecrypt ( > > > OUT UINTN *DataOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, > DataOutSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, > DataOutSize), > > > FALSE, 11); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -1662,7 +1666,7 @@ RsaNew ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaNew, (), NULL); > > > + CALL_CRYPTO_SERVICE (RsaNew, (), NULL, 7); > > > } > > > > > > /** > > > @@ -1679,7 +1683,7 @@ RsaFree ( > > > IN VOID *RsaContext > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext)); > > > + CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext), 7); > > > } > > > > > > /** > > > @@ -1713,7 +1717,7 @@ RsaSetKey ( > > > IN UINTN BnSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > > BnSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > > BnSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1753,7 +1757,7 @@ RsaGetKey ( > > > IN OUT UINTN *BnSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > > BnSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > > BnSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1788,7 +1792,7 @@ RsaGenerateKey ( > > > IN UINTN PublicExponentSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > > > PublicExponent, PublicExponentSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > > > PublicExponent, PublicExponentSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1818,7 +1822,7 @@ RsaCheckKey ( > > > IN VOID *RsaContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE, 7); > > > } > > > > > > /** > > > @@ -1858,7 +1862,7 @@ RsaPkcs1Sign ( > > > IN OUT UINTN *SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > > HashSize, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > > HashSize, Signature, SigSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1890,7 +1894,7 @@ RsaPkcs1Verify ( > > > IN UINTN SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > > HashSize, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > > HashSize, Signature, SigSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1923,7 +1927,7 @@ RsaPssVerify ( > > > IN UINT16 SaltLen > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > > Signature, SigSize, DigestLen, SaltLen), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > > Signature, SigSize, DigestLen, SaltLen), FALSE, 7); > > > } > > > > > > /** > > > @@ -1968,7 +1972,7 @@ RsaPssSign ( > > > IN OUT UINTN *SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > > DigestLen, SaltLen, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > > DigestLen, SaltLen, Signature, SigSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1999,7 +2003,7 @@ RsaGetPrivateKeyFromPem ( > > > OUT VOID **RsaContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, > PemSize, > > > Password, RsaContext), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, > PemSize, > > > Password, RsaContext), FALSE, 7); > > > } > > > > > > /** > > > @@ -2028,7 +2032,7 @@ RsaGetPublicKeyFromX509 ( > > > OUT VOID **RsaContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > > RsaContext), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > > RsaContext), FALSE, 7); > > > } > > > > > > /** > > > @@ -2059,7 +2063,7 @@ X509GetSubjectName ( > > > IN OUT UINTN *SubjectSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > > CertSubject, > > > SubjectSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > > CertSubject, > > > SubjectSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -2097,7 +2101,7 @@ X509GetCommonName ( > > > IN OUT UINTN *CommonNameSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > > CommonName, CommonNameSize), RETURN_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > > CommonName, CommonNameSize), RETURN_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -2135,7 +2139,7 @@ X509GetOrganizationName ( > > > IN OUT UINTN *NameBufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -2165,7 +2169,7 @@ X509VerifyCert ( > > > IN UINTN CACertSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > > CACertSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > > CACertSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -2192,7 +2196,7 @@ X509ConstructCertificate ( > > > OUT UINT8 **SingleX509Cert > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > > SingleX509Cert), FALSE); > > > + CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > > SingleX509Cert), FALSE, 7); > > > } > > > > > > /** > > > @@ -2256,7 +2260,7 @@ X509ConstructCertificateStackV ( > > > IN VA_LIST Args > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > > Args), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > > Args), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -2273,7 +2277,7 @@ X509Free ( > > > IN VOID *X509Cert > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert)); > > > + CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert), 7); > > > } > > > > > > /** > > > @@ -2290,7 +2294,7 @@ X509StackFree ( > > > IN VOID *X509Stack > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack)); > > > + CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack), 7); > > > } > > > > > > /** > > > @@ -2319,7 +2323,7 @@ X509GetTBSCert ( > > > OUT UINTN *TBSCertSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > > TBSCertSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > > TBSCertSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -2346,7 +2350,7 @@ X509GetVersion ( > > > OUT UINTN *Version > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), > FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), > FALSE, > > > 16); > > > } > > > > > > /** > > > @@ -2381,7 +2385,7 @@ X509GetSerialNumber ( > > > IN OUT UINTN *SerialNumberSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > > SerialNumber, SerialNumberSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > > SerialNumber, SerialNumberSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2412,7 +2416,7 @@ X509GetIssuerName ( > > > IN OUT UINTN *CertIssuerSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, > > > CertIssuerSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, > CertIssuer, > > > CertIssuerSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2442,7 +2446,7 @@ X509GetSignatureAlgorithm ( > > > IN OUT UINTN *OidSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, > Oid, > > > OidSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, > Oid, > > > OidSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2476,7 +2480,7 @@ X509GetExtensionData ( > > > IN OUT UINTN *ExtensionDataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > > OidSize, ExtensionData, ExtensionDataSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > > OidSize, ExtensionData, ExtensionDataSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2505,7 +2509,7 @@ X509GetExtendedKeyUsage ( > > > IN OUT UINTN *UsageSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > > Usage, > > > UsageSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > > Usage, > > > UsageSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2540,7 +2544,7 @@ X509GetValidity ( > > > IN OUT UINTN *ToSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, > FromSize, > > > To, ToSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, > FromSize, > > > To, ToSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2574,7 +2578,7 @@ X509FormatDateTime ( > > > IN OUT UINTN *DateTimeSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > > > DateTimeSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > > > DateTimeSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2600,7 +2604,7 @@ X509CompareDateTime ( > > > IN CONST VOID *DateTime2 > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > > DateTime2), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > > DateTime2), > > > FALSE, 16); > > > } > > > > > > /** > > > @@ -2622,7 +2626,7 @@ X509GetKeyUsage ( > > > OUT UINTN *Usage > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), > FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), > FALSE, > > > 16); > > > } > > > > > > /** > > > @@ -2650,7 +2654,7 @@ X509VerifyCertChain ( > > > IN UINTN CertChainLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, > RootCertLength, > > > CertChain, CertChainLength), FALSE); > > > + CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, > RootCertLength, > > > CertChain, CertChainLength), FALSE, 16); > > > } > > > > > > /** > > > @@ -2681,7 +2685,7 @@ X509GetCertFromCertChain ( > > > OUT UINTN *CertLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > > CertChainLength, CertIndex, Cert, CertLength), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > > CertChainLength, CertIndex, Cert, CertLength), FALSE, 16); > > > } > > > > > > /** > > > @@ -2704,7 +2708,7 @@ Asn1GetTag ( > > > IN UINT32 Tag > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE); > > > + CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE, 16); > > > } > > > > > > /** > > > @@ -2734,7 +2738,7 @@ X509GetExtendedBasicConstraints ( > > > UINTN *BasicConstraintsSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > > CertSize, > > > BasicConstraints, BasicConstraintsSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > > CertSize, > > > BasicConstraints, BasicConstraintsSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2777,7 +2781,7 @@ Pkcs5HashPassword ( > > > OUT UINT8 *OutKey > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > > Password, > > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > > Password, > > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE, 7); > > > } > > > > > > /** > > > @@ -2822,7 +2826,7 @@ Pkcs1v2Encrypt ( > > > OUT UINTN *EncryptedDataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, > InData, > > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, > > InData, > > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -2862,7 +2866,7 @@ Pkcs7GetSigners ( > > > OUT UINTN *CertLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > > > StackLength, TrustedCert, CertLength), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > > > StackLength, TrustedCert, CertLength), FALSE, 7); > > > } > > > > > > /** > > > @@ -2879,7 +2883,7 @@ Pkcs7FreeSigners ( > > > IN UINT8 *Certs > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs)); > > > + CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs), 7); > > > } > > > > > > /** > > > @@ -2915,7 +2919,7 @@ Pkcs7GetCertificatesList ( > > > OUT UINTN *UnchainLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE, 7); > > > } > > > > > > /** > > > @@ -2959,7 +2963,7 @@ Pkcs7Sign ( > > > OUT UINTN *SignedDataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > > SignedDataSize), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > > SignedDataSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -2995,7 +2999,7 @@ Pkcs7Verify ( > > > IN UINTN DataLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > > CertLength, InData, DataLength), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > > CertLength, InData, DataLength), FALSE, 7); > > > } > > > > > > /** > > > @@ -3040,7 +3044,7 @@ VerifyEKUsInPkcs7Signature ( > > > IN BOOLEAN RequireAllPresent > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), > FALSE); > > > + CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -3072,7 +3076,7 @@ Pkcs7GetAttachedContent ( > > > OUT UINTN *ContentSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > > > Content, ContentSize), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > > > Content, ContentSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3110,7 +3114,7 @@ AuthenticodeVerify ( > > > IN UINTN HashSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > > TrustedCert, CertSize, ImageHash, HashSize), FALSE); > > > + CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > > TrustedCert, CertSize, ImageHash, HashSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3143,7 +3147,7 @@ ImageTimestampVerify ( > > > OUT EFI_TIME *SigningTime > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > > TsaCert, CertSize, SigningTime), FALSE); > > > + CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > > TsaCert, CertSize, SigningTime), FALSE, 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -3164,7 +3168,7 @@ DhNew ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhNew, (), NULL); > > > + CALL_CRYPTO_SERVICE (DhNew, (), NULL, 7); > > > } > > > > > > /** > > > @@ -3181,7 +3185,7 @@ DhFree ( > > > IN VOID *DhContext > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext)); > > > + CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext), 7); > > > } > > > > > > /** > > > @@ -3217,7 +3221,7 @@ DhGenerateParameter ( > > > OUT UINT8 *Prime > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > > > PrimeLength, Prime), FALSE); > > > + CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > > > PrimeLength, Prime), FALSE, 7); > > > } > > > > > > /** > > > @@ -3252,7 +3256,7 @@ DhSetParameter ( > > > IN CONST UINT8 *Prime > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > > PrimeLength, Prime), FALSE); > > > + CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > > PrimeLength, Prime), FALSE, 7); > > > } > > > > > > /** > > > @@ -3287,7 +3291,7 @@ DhGenerateKey ( > > > IN OUT UINTN *PublicKeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > > PublicKeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > > PublicKeySize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3326,7 +3330,7 @@ DhComputeKey ( > > > IN OUT UINTN *KeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > > PeerPublicKeySize, Key, KeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > > PeerPublicKeySize, Key, KeySize), FALSE, 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -3358,7 +3362,7 @@ RandomSeed ( > > > IN UINTN SeedSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3382,7 +3386,7 @@ RandomBytes ( > > > IN UINTN Size > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); > > > + CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE, 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -3418,7 +3422,7 @@ HkdfSha256ExtractAndExpand ( > > > IN UINTN OutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > > Salt, > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > > Salt, > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3446,7 +3450,7 @@ HkdfSha256Extract ( > > > UINTN PrkOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > > > PrkOut, PrkOutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > > > PrkOut, PrkOutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3474,7 +3478,7 @@ HkdfSha256Expand ( > > > IN UINTN OutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, > > > Out, OutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, > InfoSize, > > > Out, OutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3506,7 +3510,7 @@ HkdfSha384ExtractAndExpand ( > > > IN UINTN OutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > > Salt, > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > > Salt, > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3534,7 +3538,7 @@ HkdfSha384Extract ( > > > UINTN PrkOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > > > PrkOut, PrkOutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > > > PrkOut, PrkOutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3562,7 +3566,7 @@ HkdfSha384Expand ( > > > IN UINTN OutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, > > > Out, OutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, > InfoSize, > > > Out, OutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3582,7 +3586,7 @@ TlsInitialize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE); > > > + CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE, 7); > > > } > > > > > > /** > > > @@ -3597,7 +3601,7 @@ TlsCtxFree ( > > > IN VOID *TlsCtx > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx), 7); > > > } > > > > > > /** > > > @@ -3618,7 +3622,7 @@ TlsCtxNew ( > > > IN UINT8 MinorVer > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL); > > > + CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL, 7); > > > } > > > > > > /** > > > @@ -3636,7 +3640,7 @@ TlsFree ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls), 7); > > > } > > > > > > /** > > > @@ -3658,7 +3662,7 @@ TlsNew ( > > > IN VOID *TlsCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL); > > > + CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL, 7); > > > } > > > > > > /** > > > @@ -3678,7 +3682,7 @@ TlsInHandshake ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE); > > > + CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE, 7); > > > } > > > > > > /** > > > @@ -3717,7 +3721,7 @@ TlsDoHandshake ( > > > IN OUT UINTN *BufferOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3755,7 +3759,7 @@ TlsHandleAlert ( > > > IN OUT UINTN *BufferOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3784,7 +3788,7 @@ TlsCloseNotify ( > > > IN OUT UINTN *BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3809,7 +3813,7 @@ TlsCtrlTrafficOut ( > > > IN UINTN BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0); > > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0, 7); > > > } > > > > > > /** > > > @@ -3834,7 +3838,7 @@ TlsCtrlTrafficIn ( > > > IN UINTN BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0); > > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0, 7); > > > } > > > > > > /** > > > @@ -3860,7 +3864,7 @@ TlsRead ( > > > IN UINTN BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0); > > > + CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0, 7); > > > } > > > > > > /** > > > @@ -3886,7 +3890,7 @@ TlsWrite ( > > > IN UINTN BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0); > > > + CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0, 7); > > > } > > > > > > /** > > > @@ -3908,7 +3912,7 @@ TlsShutdown ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -3933,7 +3937,7 @@ TlsSetVersion ( > > > IN UINT8 MinorVer > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3956,7 +3960,7 @@ TlsSetConnectionEnd ( > > > IN BOOLEAN IsServer > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3985,7 +3989,7 @@ TlsSetCipherList ( > > > IN UINTN CipherNum > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4006,7 +4010,7 @@ TlsSetCompressionMethod ( > > > IN UINT8 CompMethod > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4025,7 +4029,7 @@ TlsSetVerify ( > > > IN UINT32 VerifyMode > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode), 7); > > > } > > > > > > /** > > > @@ -4048,7 +4052,7 @@ TlsSetVerifyHost ( > > > IN CHAR8 *HostName > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4074,7 +4078,7 @@ TlsSetSessionId ( > > > IN UINT16 SessionIdLen > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4102,7 +4106,7 @@ TlsSetCaCertificate ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4130,7 +4134,7 @@ TlsSetHostPublicCert ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4160,7 +4164,7 @@ TlsSetHostPrivateKeyEx ( > > > IN VOID *Password OPTIONAL > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > > Password), EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > > Password), EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -4187,7 +4191,7 @@ TlsSetHostPrivateKey ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -4211,7 +4215,7 @@ TlsSetCertRevocationList ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4239,7 +4243,7 @@ TlsSetSignatureAlgoList ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -4264,7 +4268,7 @@ TlsSetEcCurve ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetEcCurve, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -4286,7 +4290,7 @@ TlsGetVersion ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0); > > > + CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0, 7); > > > } > > > > > > /** > > > @@ -4308,7 +4312,7 @@ TlsGetConnectionEnd ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0); > > > + CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0, 7); > > > } > > > > > > /** > > > @@ -4332,7 +4336,7 @@ TlsGetCurrentCipher ( > > > IN OUT UINT16 *CipherId > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4358,7 +4362,7 @@ TlsGetCurrentCompressionId ( > > > IN OUT UINT8 *CompressionId > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > > CompressionId), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > > > CompressionId), EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4380,7 +4384,7 @@ TlsGetVerify ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0); > > > + CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0, 7); > > > } > > > > > > /** > > > @@ -4406,7 +4410,7 @@ TlsGetSessionId ( > > > IN OUT UINT16 *SessionIdLen > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4427,7 +4431,7 @@ TlsGetClientRandom ( > > > IN OUT UINT8 *ClientRandom > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, > ClientRandom)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, > ClientRandom), > > > 7); > > > } > > > > > > /** > > > @@ -4448,7 +4452,7 @@ TlsGetServerRandom ( > > > IN OUT UINT8 *ServerRandom > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > > ServerRandom)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > > ServerRandom), > > > 7); > > > } > > > > > > /** > > > @@ -4472,7 +4476,7 @@ TlsGetKeyMaterial ( > > > IN OUT UINT8 *KeyMaterial > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4499,7 +4503,7 @@ TlsGetCaCertificate ( > > > IN OUT UINTN *DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4527,7 +4531,7 @@ TlsGetHostPublicCert ( > > > IN OUT UINTN *DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4554,7 +4558,7 @@ TlsGetHostPrivateKey ( > > > IN OUT UINTN *DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4579,7 +4583,7 @@ TlsGetCertRevocationList ( > > > IN OUT UINTN *DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4615,7 +4619,8 @@ TlsGetExportKey ( > > > TlsGetExportKey, > > > (Tls, Label, Context, ContextLen, > > > KeyBuffer, KeyBufferLen), > > > - EFI_UNSUPPORTED > > > + EFI_UNSUPPORTED, > > > + 14 > > > ); > > > } > > > > > > @@ -4634,7 +4639,7 @@ BigNumInit ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL, 12); > > > } > > > > > > /** > > > @@ -4652,7 +4657,7 @@ BigNumFromBin ( > > > IN UINTN Len > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL, 12); > > > } > > > > > > /** > > > @@ -4671,7 +4676,7 @@ BigNumToBin ( > > > OUT UINT8 *Buf > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); > > > + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1, 12); > > > } > > > > > > /** > > > @@ -4687,7 +4692,7 @@ BigNumFree ( > > > IN BOOLEAN Clear > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); > > > + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear), 12); > > > } > > > > > > /** > > > @@ -4710,7 +4715,7 @@ BigNumAdd ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -4733,7 +4738,7 @@ BigNumSub ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -4756,7 +4761,7 @@ BigNumMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -4781,7 +4786,7 @@ BigNumExpMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), > FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), > FALSE, > > > 12); > > > } > > > > > > /** > > > @@ -4804,7 +4809,7 @@ BigNumInverseMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), > FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE, > > > 12); > > > } > > > > > > /** > > > @@ -4827,7 +4832,7 @@ BigNumDiv ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -4852,7 +4857,7 @@ BigNumMulMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), > > FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), > FALSE, > > > 12); > > > } > > > > > > /** > > > @@ -4872,7 +4877,7 @@ BigNumCmp ( > > > IN CONST VOID *BnB > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); > > > + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0, 12); > > > } > > > > > > /** > > > @@ -4888,7 +4893,7 @@ BigNumBits ( > > > IN CONST VOID *Bn > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); > > > + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0, 12); > > > } > > > > > > /** > > > @@ -4904,7 +4909,7 @@ BigNumBytes ( > > > IN CONST VOID *Bn > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); > > > + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0, 12); > > > } > > > > > > /** > > > @@ -4923,7 +4928,7 @@ BigNumIsWord ( > > > IN UINTN Num > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE, 12); > > > } > > > > > > /** > > > @@ -4940,7 +4945,7 @@ BigNumIsOdd ( > > > IN CONST VOID *Bn > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE, 12); > > > } > > > > > > /** > > > @@ -4959,7 +4964,7 @@ BigNumCopy ( > > > IN CONST VOID *BnSrc > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL, 12); > > > } > > > > > > /** > > > @@ -4974,7 +4979,7 @@ BigNumValueOne ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL, 12); > > > } > > > > > > /** > > > @@ -4997,7 +5002,7 @@ BigNumRShift ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -5013,7 +5018,7 @@ BigNumConstTime ( > > > IN VOID *Bn > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn)); > > > + CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn), 12); > > > } > > > > > > /** > > > @@ -5036,7 +5041,7 @@ BigNumSqrMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE, > 12); > > > } > > > > > > /** > > > @@ -5052,7 +5057,7 @@ BigNumNewContext ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL, 12); > > > } > > > > > > /** > > > @@ -5066,7 +5071,7 @@ BigNumContextFree ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); > > > + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx), 12); > > > } > > > > > > /** > > > @@ -5085,7 +5090,7 @@ BigNumSetUint ( > > > IN UINTN Val > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE, 12); > > > } > > > > > > /** > > > @@ -5108,7 +5113,7 @@ BigNumAddMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > > FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > > FALSE, > > > 12); > > > } > > > > > > /** > > > @@ -5128,7 +5133,7 @@ EcGroupInit ( > > > IN UINTN CryptoNid > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); > > > + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL, 13); > > > } > > > > > > /** > > > @@ -5156,7 +5161,7 @@ EcGroupGetCurve ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, > BnB, > > > BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, > BnB, > > > BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5178,7 +5183,7 @@ EcGroupGetOrder ( > > > OUT VOID *BnOrder > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE, > > 13); > > > } > > > > > > /** > > > @@ -5192,7 +5197,7 @@ EcGroupFree ( > > > IN VOID *EcGroup > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); > > > + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup), 13); > > > } > > > > > > /** > > > @@ -5210,7 +5215,7 @@ EcPointInit ( > > > IN CONST VOID *EcGroup > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); > > > + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL, 13); > > > } > > > > > > /** > > > @@ -5226,7 +5231,7 @@ EcPointDeInit ( > > > IN BOOLEAN Clear > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); > > > + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear), 13); > > > } > > > > > > /** > > > @@ -5254,7 +5259,7 @@ EcPointGetAffineCoordinates ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, > EcPoint, > > > BnX, BnY, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, > EcPoint, > > > BnX, BnY, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5279,7 +5284,7 @@ EcPointSetAffineCoordinates ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, > EcPoint, > > > BnX, BnY, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, > EcPoint, > > > BnX, BnY, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5305,7 +5310,7 @@ EcPointAdd ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > > > EcPointB, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > > > EcPointB, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5331,7 +5336,7 @@ EcPointMul ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > > BnPScalar, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > > BnPScalar, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5352,7 +5357,7 @@ EcPointInvert ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), > FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), > FALSE, > > > 13); > > > } > > > > > > /** > > > @@ -5373,7 +5378,7 @@ EcPointIsOnCurve ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > > FALSE, 13); > > > } > > > > > > /** > > > @@ -5392,7 +5397,7 @@ EcPointIsAtInfinity ( > > > IN CONST VOID *EcPoint > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE, > > 13); > > > } > > > > > > /** > > > @@ -5415,7 +5420,7 @@ EcPointEqual ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > > BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > > BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5445,7 +5450,7 @@ EcPointSetCompressedCoordinates ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > > > EcPoint, BnX, YBit, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > > > EcPoint, BnX, YBit, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5462,7 +5467,7 @@ EcNewByNid ( > > > IN UINTN Nid > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); > > > + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL, 13); > > > } > > > > > > /** > > > @@ -5476,7 +5481,7 @@ EcFree ( > > > IN VOID *EcContext > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); > > > + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext), 13); > > > } > > > > > > /** > > > @@ -5513,7 +5518,7 @@ EcGenerateKey ( > > > IN OUT UINTN *PublicKeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > > PublicKeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > > PublicKeySize), FALSE, 13); > > > } > > > > > > /** > > > @@ -5538,7 +5543,7 @@ EcGetPubKey ( > > > IN OUT UINTN *PublicKeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > > PublicKeySize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > > > PublicKeySize), FALSE, 13); > > > } > > > > > > /** > > > @@ -5577,7 +5582,7 @@ EcDhComputeKey ( > > > IN OUT UINTN *KeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE, 13); > > > } > > > > > > /** > > > @@ -5604,7 +5609,7 @@ EcGetPublicKeyFromX509 ( > > > OUT VOID **EcContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > > EcContext), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > > EcContext), FALSE, 15); > > > } > > > > > > /** > > > @@ -5633,7 +5638,7 @@ EcGetPrivateKeyFromPem ( > > > OUT VOID **EcContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > > > Password, EcContext), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > > > Password, EcContext), FALSE, 15); > > > } > > > > > > /** > > > @@ -5676,7 +5681,7 @@ EcDsaSign ( > > > IN OUT UINTN *SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > > > HashSize, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > > > HashSize, Signature, SigSize), FALSE, 15); > > > } > > > > > > /** > > > @@ -5713,5 +5718,5 @@ EcDsaVerify ( > > > IN UINTN SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, > MessageHash, > > > HashSize, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, > MessageHash, > > > HashSize, Signature, SigSize), FALSE, 15); > > > } > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > index dc7527bb01..fe9cdc0d4d 100644 > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > @@ -49,7 +49,6 @@ DxeCryptLibConstructor ( > > > ) > > > { > > > EFI_STATUS Status; > > > - UINTN Version; > > > > > > Status = gBS->LocateProtocol ( > > > &gEdkiiCryptoProtocolGuid, > > > @@ -65,13 +64,5 @@ DxeCryptLibConstructor ( > > > return EFI_NOT_FOUND; > > > } > > > > > > - Version = mCryptoProtocol->GetVersion (); > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > - DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol unsupported > > > version %d\n", Version)); > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > - mCryptoProtocol = NULL; > > > - return EFI_NOT_FOUND; > > > - } > > > - > > > return EFI_SUCCESS; > > > } > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > index 51f858302f..6ad1d3afe0 100644 > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > @@ -30,7 +30,6 @@ GetCryptoServices ( > > > { > > > EFI_STATUS Status; > > > EDKII_CRYPTO_PPI *CryptoPpi; > > > - UINTN Version; > > > > > > CryptoPpi = NULL; > > > Status = PeiServicesLocatePpi ( > > > @@ -46,12 +45,5 @@ GetCryptoServices ( > > > return NULL; > > > } > > > > > > - Version = CryptoPpi->GetVersion (); > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > - DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported > > > version %d\n", Version)); > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > - return NULL; > > > - } > > > - > > > return (VOID *)CryptoPpi; > > > } > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > index be0f44e63b..6c7c75c8a7 100644 > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > @@ -52,7 +52,6 @@ SmmCryptLibConstructor ( > > > ) > > > { > > > EFI_STATUS Status; > > > - UINTN Version; > > > > > > Status = gSmst->SmmLocateProtocol ( > > > &gEdkiiSmmCryptoProtocolGuid, > > > @@ -67,13 +66,5 @@ SmmCryptLibConstructor ( > > > return EFI_NOT_FOUND; > > > } > > > > > > - Version = mSmmCryptoProtocol->GetVersion (); > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > - DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol > > > unsupported version %d\n", Version)); > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > - mSmmCryptoProtocol = NULL; > > > - return EFI_NOT_FOUND; > > > - } > > > - > > > return EFI_SUCCESS; > > > } > > > -- > > > 2.31.1.windows.1 > > > > > > > > > > > > > > > > > > > > ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible 2023-01-06 12:13 ` Yao, Jiewen @ 2023-01-06 15:09 ` Li, Yi 2023-01-06 15:19 ` Yao, Jiewen 0 siblings, 1 reply; 9+ messages in thread From: Li, Yi @ 2023-01-06 15:09 UTC (permalink / raw) To: Yao, Jiewen, devel@edk2.groups.io Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Kinney, Michael D >However, I am still not sure why the CryptoConsumer need link a higher version CryptoLib wrapper, if it wants to work with old CryptoBin. The developers of CryptoConsumer always build binary based on latest platform code. They prefer to keep the integrity of the platform code instead of changing the CryptoLib wrapper. The result is that there will be two binaries on the old platform and the new platform. Thanks, Yi -----Original Message----- From: Yao, Jiewen <jiewen.yao@intel.com> Sent: Friday, January 6, 2023 8:14 PM To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Li, Yi1 <yi1.li@intel.com> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com> Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible Hi Yi I believe I have some misunderstanding, after I read the definition again. According to https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol/Crypto.h#L24, the version means "The version of the EDK II Crypto Protocol." It is not the version of the implementation. As such, my comment on bug fix does not stand. I am sorry to bring the confusing. With that, I don't have a super strong reason to reject, so far. However, I am still not sure why the CryptoConsumer need link a higher version CryptoLib wrapper, if it wants to work with old CryptoBin. Thank you Yao, Jiewen > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, > Jiewen > Sent: Friday, January 6, 2023 7:21 PM > To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > Michael D <michael.d.kinney@intel.com> > Subject: Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > Perhaps we can ask developers to update the minimum version of CyptoAPI > after bug or security fixes. > > [Jiewen] First, this is a new requirement. Hard to enforce. > Second, if you do this, then you *may* need update the CryptoBin, if > CryptoConsumer is updated. > Third, it is hard to determine *when* to upgrade the MinVersion, especially > when a bug fix is in the dependency module. For example, the code in > CryptoPkg does not update, but the MdePkg update, which may cause the > CryptoBin update. Should we update MinVersion? It will bring a burden to > the one who maintains the MinVersion. > > I believe it will create more potential compatibility problem. > > > One more question: > If you want to update CryptoConsumer, but keep CryptoBin. Why you want > to link a higher version of CryptoLib wrapper? Why not use the old version > CryptoLib wrapper? > > Thank you > Yao, Jiewen > > > -----Original Message----- > > From: Li, Yi1 <yi1.li@intel.com> > > Sent: Friday, January 6, 2023 7:07 PM > > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > > Michael D <michael.d.kinney@intel.com> > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > backward compatible > > > > Hi Jiewen, > > > > Thanks for feedback. > > > > >If you can upgrade the CryptoConsumer, why not upgrade the CryptoBin > at > > the same time? > > > > 1. CryptoConsumer and CryptoBin are usually delivered by different people. > > For example, some features that require CryptoBin are responsible for by > an > > independent team, but Cyptobin is responsible for the platform as part of > > the platform firmware. > > > > 2. In the actual development process, the update of CryptoBin is often > > difficult due to reasons such as binary size or freeze of platform code, > > especially on older platforms, which will cause the feature development > > team to have to maintain multiple feature versions based on different EDK2 > > CyptoPkg. > > > > > But it is NOT TRUE, if you care the implementation of API. Maybe the > higher > > version of an API fixed some bug, or add some new features. > > > > Perhaps we can ask developers to update the minimum version of > CyptoAPI > > after bug or security fixes. > > > > Thanks, > > Yi > > > > -----Original Message----- > > From: Yao, Jiewen <jiewen.yao@intel.com> > > Sent: Friday, January 6, 2023 6:06 PM > > To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > > Michael D <michael.d.kinney@intel.com> > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > backward compatible > > > > Thanks Yi. > > You raised a very interesting question. > > > > + Mike Kinney, to comment from the requirement perspective. > > > > The original design is very simple: CryptoBin.Version >= > > CryptoConsumer.Version. > > > > Now you want to handle the case that: CryptoConsumer.Version > > > CryptoBin.Version, but the CryptoConsumer.Api is already present in > > CryptoBin.Api. > > To me, the hidden assumption is that: As long as an API is present, it will be > > used. The version of the API is not cared. > > > > This is only TRUE, if you only care the API is present or absent. > > But it is NOT TRUE, if you care the implementation of API. Maybe the higher > > version of an API fixed some bug, or add some new features. > > > > I believe this is very dangerous downgrade. I don't recommend we do it. > > Mike, what do you think? > > > > Question to Yi: If you can upgrade the CryptoConsumer, why not upgrade > the > > CryptoBin at the same time? > > > > Thank you > > Yao, Jiewen > > > > > -----Original Message----- > > > From: Li, Yi1 <yi1.li@intel.com> > > > Sent: Wednesday, January 4, 2023 10:03 AM > > > To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com> > > > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J > > > <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, > > > Guomin <guomin.jiang@intel.com> > > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service > API > > > backward compatible > > > > > > Hi, any comments about this BZ and patch? > > > Code link: https://github.com/tianocore/edk2/pull/3787 > > > > > > -----Original Message----- > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Li, Yi > > > Sent: Monday, December 19, 2022 2:24 PM > > > To: devel@edk2.groups.io > > > Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang, > > > Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; > Jiang, > > > Guomin <guomin.jiang@intel.com> > > > Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > > backward compatible > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4197 > > > > > > Using older Crypto protocol will be allowed. > > > Each function wrapper will be annotated to require a minimum required > > > version of the crypto protocol and assert if called when the version is > > > not compatible. > > > Ths minimum version difined as the version when the API was introduced. > > > Details: > > > ///Parallel hash: MinVersion 8 > > > ParallelHash256HashAll, > > > /// HMAC SHA256 (continued): MinVersion 9 > > > HmacSha256All, > > > /// HMAC SHA384: MinVersion 9 > > > HmacSha384New, > > > ... > > > HmacSha384All, > > > /// HKDF (continued): MinVersion 10 > > > HkdfSha256Extract, > > > ... > > > HkdfSha384Expand, > > > /// Aead Aes GCM: MinVersion 11 > > > AeadAesGcmEncrypt, > > > AeadAesGcmDecrypt, > > > /// Big Numbers: MinVersion 12 > > > BigNumInit, > > > ... > > > BigNumAddMod, > > > /// EC: MinVersion 13 > > > EcGroupInit, > > > ... > > > EcDhComputeKey, > > > /// TLS (continued): MinVersion 14 > > > TlsShutdown, > > > ... > > > TlsGetExportKey, > > > /// Ec (Continued): MinVersion 15 > > > EcGetPublicKeyFromX509, > > > ... > > > EcDsaVerify, > > > /// X509 (Continued): MinVersion 16 > > > X509GetVersion, > > > ... > > > X509GetExtendedBasicConstraints > > > /// Others: MinVersion 7 > > > > > > Cc: Jiewen Yao <jiewen.yao@intel.com> > > > Cc: Jian J Wang <jian.j.wang@intel.com> > > > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> > > > Cc: Guomin Jiang <guomin.jiang@intel.com> > > > Signed-off-by: Yi Li <yi1.li@intel.com> > > > --- > > > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 449 +++++++++--------- > > > .../BaseCryptLibOnProtocolPpi/DxeCryptLib.c | 9 - > > > .../BaseCryptLibOnProtocolPpi/PeiCryptLib.c | 8 - > > > .../BaseCryptLibOnProtocolPpi/SmmCryptLib.c | 9 - > > > 4 files changed, 227 insertions(+), 248 deletions(-) > > > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > index 4e31bc278e..e470a0f0d4 100644 > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > @@ -24,18 +24,20 @@ > > > @param Args The argument list to pass to Function. > > > @param ErrorReturnValue The value to return if the protocol is NULL > or > > > the > > > service in the protocol is NULL. > > > - > > > -**/ > > > -#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue) \ > > > - do { \ > > > - EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > - \ > > > - CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > \ > > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > > - return (CryptoServices->Function) Args; \ > > > - } \ > > > - CryptoServiceNotAvailable (#Function); \ > > > - return ErrorReturnValue; \ > > > + @param MinVersion The minimum protocol version that supports > > the > > > API. > > > + > > > +**/ > > > +#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue, > > > MinVersion) \ > > > + do { \ > > > + EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > + \ > > > + CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > > \ > > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && > \ > > > + CryptoServices->GetVersion () >= MinVersion) { \ > > > + return (CryptoServices->Function) Args; \ > > > + } \ > > > + CryptoServiceNotAvailable (#Function); \ > > > + return ErrorReturnValue; \ > > > } while (FALSE); > > > > > > /** > > > @@ -45,14 +47,16 @@ > > > > > > @param Function Name of the EDK II Crypto Protocol service to > call. > > > @param Args The argument list to pass to Function. > > > + @param MinVersion The minimum protocol version that supports > > the > > > API. > > > > > > **/ > > > -#define CALL_VOID_CRYPTO_SERVICE(Function, Args) \ > > > +#define CALL_VOID_CRYPTO_SERVICE(Function, Args, MinVersion) > \ > > > do { \ > > > EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > \ > > > CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); \ > > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && \ > > > + CryptoServices->GetVersion () >= MinVersion) { \ > > > (CryptoServices->Function) Args; \ > > > return; \ > > > } \ > > > @@ -116,7 +120,7 @@ Md5GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -139,7 +143,7 @@ Md5Init ( > > > OUT VOID *Md5Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -164,7 +168,7 @@ Md5Duplicate ( > > > OUT VOID *NewMd5Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, NewMd5Context), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, > NewMd5Context), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -195,7 +199,7 @@ Md5Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -227,7 +231,7 @@ Md5Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE); > > > + CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE, 7); > > > } > > > > > > /** > > > @@ -256,7 +260,7 @@ Md5HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), > FALSE); > > > + CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), > FALSE, > > > 7); > > > } > > > > > > #endif > > > @@ -278,7 +282,7 @@ Sha1GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -301,7 +305,7 @@ Sha1Init ( > > > OUT VOID *Sha1Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -326,7 +330,7 @@ Sha1Duplicate ( > > > OUT VOID *NewSha1Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, > NewSha1Context), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, > NewSha1Context), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -357,7 +361,7 @@ Sha1Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -389,7 +393,7 @@ Sha1Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE, > 7); > > > } > > > > > > /** > > > @@ -418,7 +422,7 @@ Sha1HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), > FALSE, > > > 7); > > > } > > > > > > #endif > > > @@ -435,7 +439,7 @@ Sha256GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -456,7 +460,7 @@ Sha256Init ( > > > OUT VOID *Sha256Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -481,7 +485,7 @@ Sha256Duplicate ( > > > OUT VOID *NewSha256Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > > NewSha256Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > > NewSha256Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -510,7 +514,7 @@ Sha256Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, > DataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, > DataSize), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -540,7 +544,7 @@ Sha256Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -569,7 +573,7 @@ Sha256HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -584,7 +588,7 @@ Sha384GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -605,7 +609,7 @@ Sha384Init ( > > > OUT VOID *Sha384Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -630,7 +634,7 @@ Sha384Duplicate ( > > > OUT VOID *NewSha384Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > > NewSha384Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > > NewSha384Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -659,7 +663,7 @@ Sha384Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, > DataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, > DataSize), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -689,7 +693,7 @@ Sha384Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -718,7 +722,7 @@ Sha384HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -733,7 +737,7 @@ Sha512GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -754,7 +758,7 @@ Sha512Init ( > > > OUT VOID *Sha512Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -779,7 +783,7 @@ Sha512Duplicate ( > > > OUT VOID *NewSha512Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > > NewSha512Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > > NewSha512Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -808,7 +812,7 @@ Sha512Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, > DataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, > DataSize), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -838,7 +842,7 @@ Sha512Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -867,7 +871,7 @@ Sha512HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -899,7 +903,7 @@ ParallelHash256HashAll ( > > > IN UINTN CustomByteLen > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), > FALSE); > > > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE, > > 8); > > > } > > > > > > /** > > > @@ -914,7 +918,7 @@ Sm3GetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -935,7 +939,7 @@ Sm3Init ( > > > OUT VOID *Sm3Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -960,7 +964,7 @@ Sm3Duplicate ( > > > OUT VOID *NewSm3Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, NewSm3Context), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -989,7 +993,7 @@ Sm3Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > > FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -1019,7 +1023,7 @@ Sm3Final ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE, 7); > > > } > > > > > > /** > > > @@ -1048,7 +1052,7 @@ Sm3HashAll ( > > > OUT UINT8 *HashValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), > FALSE); > > > + CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), > FALSE, > > > 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -1068,7 +1072,7 @@ HmacSha256New ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL); > > > + CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL, 7); > > > } > > > > > > /** > > > @@ -1083,7 +1087,7 @@ HmacSha256Free ( > > > IN VOID *HmacSha256Ctx > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx)); > > > + CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx), 7); > > > } > > > > > > /** > > > @@ -1110,7 +1114,7 @@ HmacSha256SetKey ( > > > IN UINTN KeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > > > KeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, Key, > > > KeySize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1135,7 +1139,7 @@ HmacSha256Duplicate ( > > > OUT VOID *NewHmacSha256Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > > NewHmacSha256Context), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > > NewHmacSha256Context), FALSE, 7); > > > } > > > > > > /** > > > @@ -1166,7 +1170,7 @@ HmacSha256Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, > Data, > > > DataSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, > > Data, > > > DataSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1198,7 +1202,7 @@ HmacSha256Final ( > > > OUT UINT8 *HmacValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > > HmacValue), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > > HmacValue), FALSE, 7); > > > } > > > > > > /** > > > @@ -1231,7 +1235,7 @@ HmacSha256All ( > > > OUT UINT8 *HmacValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > > HmacValue), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > > HmacValue), FALSE, 9); > > > } > > > > > > /** > > > @@ -1247,7 +1251,7 @@ HmacSha384New ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); > > > + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL, 9); > > > } > > > > > > /** > > > @@ -1262,7 +1266,7 @@ HmacSha384Free ( > > > IN VOID *HmacSha384Ctx > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); > > > + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx), 9); > > > } > > > > > > /** > > > @@ -1289,7 +1293,7 @@ HmacSha384SetKey ( > > > IN UINTN KeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > > > KeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > > > KeySize), FALSE, 9); > > > } > > > > > > /** > > > @@ -1314,7 +1318,7 @@ HmacSha384Duplicate ( > > > OUT VOID *NewHmacSha384Context > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > > NewHmacSha384Context), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > > NewHmacSha384Context), FALSE, 9); > > > } > > > > > > /** > > > @@ -1345,7 +1349,7 @@ HmacSha384Update ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, > Data, > > > DataSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, > > Data, > > > DataSize), FALSE, 9); > > > } > > > > > > /** > > > @@ -1377,7 +1381,7 @@ HmacSha384Final ( > > > OUT UINT8 *HmacValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > > HmacValue), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > > HmacValue), FALSE, 9); > > > } > > > > > > /** > > > @@ -1410,7 +1414,7 @@ HmacSha384All ( > > > OUT UINT8 *HmacValue > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > > HmacValue), FALSE); > > > + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > > HmacValue), FALSE, 9); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -1432,7 +1436,7 @@ AesGetContextSize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0); > > > + CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0, 7); > > > } > > > > > > /** > > > @@ -1465,7 +1469,7 @@ AesInit ( > > > IN UINTN KeyLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE); > > > + CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE, > 7); > > > } > > > > > > /** > > > @@ -1507,7 +1511,7 @@ AesCbcEncrypt ( > > > OUT UINT8 *Output > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > > Ivec, > > > Output), FALSE); > > > + CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > > Ivec, > > > Output), FALSE, 7); > > > } > > > > > > /** > > > @@ -1549,7 +1553,7 @@ AesCbcDecrypt ( > > > OUT UINT8 *Output > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > > Ivec, > > > Output), FALSE); > > > + CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > > > Ivec, Output), FALSE, 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -1597,7 +1601,7 @@ AeadAesGcmEncrypt ( > > > OUT UINTN *DataOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > > DataOutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > > DataOutSize), FALSE, 11); > > > } > > > > > > /** > > > @@ -1642,7 +1646,7 @@ AeadAesGcmDecrypt ( > > > OUT UINTN *DataOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, > DataOutSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, > DataOutSize), > > > FALSE, 11); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -1662,7 +1666,7 @@ RsaNew ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaNew, (), NULL); > > > + CALL_CRYPTO_SERVICE (RsaNew, (), NULL, 7); > > > } > > > > > > /** > > > @@ -1679,7 +1683,7 @@ RsaFree ( > > > IN VOID *RsaContext > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext)); > > > + CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext), 7); > > > } > > > > > > /** > > > @@ -1713,7 +1717,7 @@ RsaSetKey ( > > > IN UINTN BnSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > > BnSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > > BnSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1753,7 +1757,7 @@ RsaGetKey ( > > > IN OUT UINTN *BnSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > > BnSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > > BnSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1788,7 +1792,7 @@ RsaGenerateKey ( > > > IN UINTN PublicExponentSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > > > PublicExponent, PublicExponentSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, ModulusLength, > > > PublicExponent, PublicExponentSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1818,7 +1822,7 @@ RsaCheckKey ( > > > IN VOID *RsaContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE, 7); > > > } > > > > > > /** > > > @@ -1858,7 +1862,7 @@ RsaPkcs1Sign ( > > > IN OUT UINTN *SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > > HashSize, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > > HashSize, Signature, SigSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1890,7 +1894,7 @@ RsaPkcs1Verify ( > > > IN UINTN SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > > HashSize, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > > HashSize, Signature, SigSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1923,7 +1927,7 @@ RsaPssVerify ( > > > IN UINT16 SaltLen > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > > Signature, SigSize, DigestLen, SaltLen), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > > Signature, SigSize, DigestLen, SaltLen), FALSE, 7); > > > } > > > > > > /** > > > @@ -1968,7 +1972,7 @@ RsaPssSign ( > > > IN OUT UINTN *SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > > DigestLen, SaltLen, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > > DigestLen, SaltLen, Signature, SigSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -1999,7 +2003,7 @@ RsaGetPrivateKeyFromPem ( > > > OUT VOID **RsaContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, > PemSize, > > > Password, RsaContext), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, > PemSize, > > > Password, RsaContext), FALSE, 7); > > > } > > > > > > /** > > > @@ -2028,7 +2032,7 @@ RsaGetPublicKeyFromX509 ( > > > OUT VOID **RsaContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > > RsaContext), FALSE); > > > + CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > > RsaContext), FALSE, 7); > > > } > > > > > > /** > > > @@ -2059,7 +2063,7 @@ X509GetSubjectName ( > > > IN OUT UINTN *SubjectSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > > CertSubject, > > > SubjectSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > > CertSubject, > > > SubjectSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -2097,7 +2101,7 @@ X509GetCommonName ( > > > IN OUT UINTN *CommonNameSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > > CommonName, CommonNameSize), RETURN_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > > CommonName, CommonNameSize), RETURN_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -2135,7 +2139,7 @@ X509GetOrganizationName ( > > > IN OUT UINTN *NameBufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -2165,7 +2169,7 @@ X509VerifyCert ( > > > IN UINTN CACertSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > > CACertSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > > CACertSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -2192,7 +2196,7 @@ X509ConstructCertificate ( > > > OUT UINT8 **SingleX509Cert > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > > SingleX509Cert), FALSE); > > > + CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > > SingleX509Cert), FALSE, 7); > > > } > > > > > > /** > > > @@ -2256,7 +2260,7 @@ X509ConstructCertificateStackV ( > > > IN VA_LIST Args > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > > Args), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > > Args), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -2273,7 +2277,7 @@ X509Free ( > > > IN VOID *X509Cert > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert)); > > > + CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert), 7); > > > } > > > > > > /** > > > @@ -2290,7 +2294,7 @@ X509StackFree ( > > > IN VOID *X509Stack > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack)); > > > + CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack), 7); > > > } > > > > > > /** > > > @@ -2319,7 +2323,7 @@ X509GetTBSCert ( > > > OUT UINTN *TBSCertSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > > TBSCertSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > > TBSCertSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -2346,7 +2350,7 @@ X509GetVersion ( > > > OUT UINTN *Version > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), > FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), > FALSE, > > > 16); > > > } > > > > > > /** > > > @@ -2381,7 +2385,7 @@ X509GetSerialNumber ( > > > IN OUT UINTN *SerialNumberSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > > SerialNumber, SerialNumberSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > > SerialNumber, SerialNumberSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2412,7 +2416,7 @@ X509GetIssuerName ( > > > IN OUT UINTN *CertIssuerSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, > > > CertIssuerSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, > CertIssuer, > > > CertIssuerSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2442,7 +2446,7 @@ X509GetSignatureAlgorithm ( > > > IN OUT UINTN *OidSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, > Oid, > > > OidSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, > Oid, > > > OidSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2476,7 +2480,7 @@ X509GetExtensionData ( > > > IN OUT UINTN *ExtensionDataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > > OidSize, ExtensionData, ExtensionDataSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > > OidSize, ExtensionData, ExtensionDataSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2505,7 +2509,7 @@ X509GetExtendedKeyUsage ( > > > IN OUT UINTN *UsageSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > > Usage, > > > UsageSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > > Usage, > > > UsageSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2540,7 +2544,7 @@ X509GetValidity ( > > > IN OUT UINTN *ToSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, > FromSize, > > > To, ToSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, > FromSize, > > > To, ToSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2574,7 +2578,7 @@ X509FormatDateTime ( > > > IN OUT UINTN *DateTimeSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > > > DateTimeSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, DateTime, > > > DateTimeSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2600,7 +2604,7 @@ X509CompareDateTime ( > > > IN CONST VOID *DateTime2 > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > > DateTime2), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > > DateTime2), > > > FALSE, 16); > > > } > > > > > > /** > > > @@ -2622,7 +2626,7 @@ X509GetKeyUsage ( > > > OUT UINTN *Usage > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), > FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), > FALSE, > > > 16); > > > } > > > > > > /** > > > @@ -2650,7 +2654,7 @@ X509VerifyCertChain ( > > > IN UINTN CertChainLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, > RootCertLength, > > > CertChain, CertChainLength), FALSE); > > > + CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, > RootCertLength, > > > CertChain, CertChainLength), FALSE, 16); > > > } > > > > > > /** > > > @@ -2681,7 +2685,7 @@ X509GetCertFromCertChain ( > > > OUT UINTN *CertLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > > CertChainLength, CertIndex, Cert, CertLength), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > > CertChainLength, CertIndex, Cert, CertLength), FALSE, 16); > > > } > > > > > > /** > > > @@ -2704,7 +2708,7 @@ Asn1GetTag ( > > > IN UINT32 Tag > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE); > > > + CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE, 16); > > > } > > > > > > /** > > > @@ -2734,7 +2738,7 @@ X509GetExtendedBasicConstraints ( > > > UINTN *BasicConstraintsSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > > CertSize, > > > BasicConstraints, BasicConstraintsSize), FALSE); > > > + CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > > CertSize, > > > BasicConstraints, BasicConstraintsSize), FALSE, 16); > > > } > > > > > > /** > > > @@ -2777,7 +2781,7 @@ Pkcs5HashPassword ( > > > OUT UINT8 *OutKey > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > > Password, > > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > > Password, > > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE, 7); > > > } > > > > > > /** > > > @@ -2822,7 +2826,7 @@ Pkcs1v2Encrypt ( > > > OUT UINTN *EncryptedDataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, > InData, > > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, > > InData, > > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > > FALSE, 7); > > > } > > > > > > /** > > > @@ -2862,7 +2866,7 @@ Pkcs7GetSigners ( > > > OUT UINTN *CertLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > > > StackLength, TrustedCert, CertLength), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, CertStack, > > > StackLength, TrustedCert, CertLength), FALSE, 7); > > > } > > > > > > /** > > > @@ -2879,7 +2883,7 @@ Pkcs7FreeSigners ( > > > IN UINT8 *Certs > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs)); > > > + CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs), 7); > > > } > > > > > > /** > > > @@ -2915,7 +2919,7 @@ Pkcs7GetCertificatesList ( > > > OUT UINTN *UnchainLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE, 7); > > > } > > > > > > /** > > > @@ -2959,7 +2963,7 @@ Pkcs7Sign ( > > > OUT UINTN *SignedDataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > > SignedDataSize), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > > SignedDataSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -2995,7 +2999,7 @@ Pkcs7Verify ( > > > IN UINTN DataLength > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > > CertLength, InData, DataLength), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > > CertLength, InData, DataLength), FALSE, 7); > > > } > > > > > > /** > > > @@ -3040,7 +3044,7 @@ VerifyEKUsInPkcs7Signature ( > > > IN BOOLEAN RequireAllPresent > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), > FALSE); > > > + CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), > FALSE, > > > 7); > > > } > > > > > > /** > > > @@ -3072,7 +3076,7 @@ Pkcs7GetAttachedContent ( > > > OUT UINTN *ContentSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > > > Content, ContentSize), FALSE); > > > + CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > > > Content, ContentSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3110,7 +3114,7 @@ AuthenticodeVerify ( > > > IN UINTN HashSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > > TrustedCert, CertSize, ImageHash, HashSize), FALSE); > > > + CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > > TrustedCert, CertSize, ImageHash, HashSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3143,7 +3147,7 @@ ImageTimestampVerify ( > > > OUT EFI_TIME *SigningTime > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > > TsaCert, CertSize, SigningTime), FALSE); > > > + CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > > TsaCert, CertSize, SigningTime), FALSE, 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -3164,7 +3168,7 @@ DhNew ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhNew, (), NULL); > > > + CALL_CRYPTO_SERVICE (DhNew, (), NULL, 7); > > > } > > > > > > /** > > > @@ -3181,7 +3185,7 @@ DhFree ( > > > IN VOID *DhContext > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext)); > > > + CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext), 7); > > > } > > > > > > /** > > > @@ -3217,7 +3221,7 @@ DhGenerateParameter ( > > > OUT UINT8 *Prime > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > > > PrimeLength, Prime), FALSE); > > > + CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, Generator, > > > PrimeLength, Prime), FALSE, 7); > > > } > > > > > > /** > > > @@ -3252,7 +3256,7 @@ DhSetParameter ( > > > IN CONST UINT8 *Prime > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > > PrimeLength, Prime), FALSE); > > > + CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > > PrimeLength, Prime), FALSE, 7); > > > } > > > > > > /** > > > @@ -3287,7 +3291,7 @@ DhGenerateKey ( > > > IN OUT UINTN *PublicKeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > > PublicKeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > > PublicKeySize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3326,7 +3330,7 @@ DhComputeKey ( > > > IN OUT UINTN *KeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > > PeerPublicKeySize, Key, KeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > > PeerPublicKeySize, Key, KeySize), FALSE, 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -3358,7 +3362,7 @@ RandomSeed ( > > > IN UINTN SeedSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE); > > > + CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3382,7 +3386,7 @@ RandomBytes ( > > > IN UINTN Size > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); > > > + CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE, 7); > > > } > > > > > > // > > > > > > ================================================================ > > > ===================== > > > @@ -3418,7 +3422,7 @@ HkdfSha256ExtractAndExpand ( > > > IN UINTN OutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > > Salt, > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > > Salt, > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 7); > > > } > > > > > > /** > > > @@ -3446,7 +3450,7 @@ HkdfSha256Extract ( > > > UINTN PrkOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > > > PrkOut, PrkOutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, SaltSize, > > > PrkOut, PrkOutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3474,7 +3478,7 @@ HkdfSha256Expand ( > > > IN UINTN OutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, InfoSize, > > > Out, OutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, > InfoSize, > > > Out, OutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3506,7 +3510,7 @@ HkdfSha384ExtractAndExpand ( > > > IN UINTN OutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > > Salt, > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > > Salt, > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3534,7 +3538,7 @@ HkdfSha384Extract ( > > > UINTN PrkOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > > > PrkOut, PrkOutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, SaltSize, > > > PrkOut, PrkOutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3562,7 +3566,7 @@ HkdfSha384Expand ( > > > IN UINTN OutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, InfoSize, > > > Out, OutSize), FALSE); > > > + CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, > InfoSize, > > > Out, OutSize), FALSE, 10); > > > } > > > > > > /** > > > @@ -3582,7 +3586,7 @@ TlsInitialize ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE); > > > + CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE, 7); > > > } > > > > > > /** > > > @@ -3597,7 +3601,7 @@ TlsCtxFree ( > > > IN VOID *TlsCtx > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx), 7); > > > } > > > > > > /** > > > @@ -3618,7 +3622,7 @@ TlsCtxNew ( > > > IN UINT8 MinorVer > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL); > > > + CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL, 7); > > > } > > > > > > /** > > > @@ -3636,7 +3640,7 @@ TlsFree ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls), 7); > > > } > > > > > > /** > > > @@ -3658,7 +3662,7 @@ TlsNew ( > > > IN VOID *TlsCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL); > > > + CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL, 7); > > > } > > > > > > /** > > > @@ -3678,7 +3682,7 @@ TlsInHandshake ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE); > > > + CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE, 7); > > > } > > > > > > /** > > > @@ -3717,7 +3721,7 @@ TlsDoHandshake ( > > > IN OUT UINTN *BufferOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3755,7 +3759,7 @@ TlsHandleAlert ( > > > IN OUT UINTN *BufferOutSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3784,7 +3788,7 @@ TlsCloseNotify ( > > > IN OUT UINTN *BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3809,7 +3813,7 @@ TlsCtrlTrafficOut ( > > > IN UINTN BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0); > > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0, 7); > > > } > > > > > > /** > > > @@ -3834,7 +3838,7 @@ TlsCtrlTrafficIn ( > > > IN UINTN BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0); > > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0, 7); > > > } > > > > > > /** > > > @@ -3860,7 +3864,7 @@ TlsRead ( > > > IN UINTN BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0); > > > + CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0, 7); > > > } > > > > > > /** > > > @@ -3886,7 +3890,7 @@ TlsWrite ( > > > IN UINTN BufferSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0); > > > + CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0, 7); > > > } > > > > > > /** > > > @@ -3908,7 +3912,7 @@ TlsShutdown ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -3933,7 +3937,7 @@ TlsSetVersion ( > > > IN UINT8 MinorVer > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3956,7 +3960,7 @@ TlsSetConnectionEnd ( > > > IN BOOLEAN IsServer > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -3985,7 +3989,7 @@ TlsSetCipherList ( > > > IN UINTN CipherNum > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4006,7 +4010,7 @@ TlsSetCompressionMethod ( > > > IN UINT8 CompMethod > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4025,7 +4029,7 @@ TlsSetVerify ( > > > IN UINT32 VerifyMode > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode), 7); > > > } > > > > > > /** > > > @@ -4048,7 +4052,7 @@ TlsSetVerifyHost ( > > > IN CHAR8 *HostName > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4074,7 +4078,7 @@ TlsSetSessionId ( > > > IN UINT16 SessionIdLen > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4102,7 +4106,7 @@ TlsSetCaCertificate ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4130,7 +4134,7 @@ TlsSetHostPublicCert ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4160,7 +4164,7 @@ TlsSetHostPrivateKeyEx ( > > > IN VOID *Password OPTIONAL > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > > Password), EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > > Password), EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -4187,7 +4191,7 @@ TlsSetHostPrivateKey ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -4211,7 +4215,7 @@ TlsSetCertRevocationList ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4239,7 +4243,7 @@ TlsSetSignatureAlgoList ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -4264,7 +4268,7 @@ TlsSetEcCurve ( > > > IN UINTN DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsSetEcCurve, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 14); > > > } > > > > > > /** > > > @@ -4286,7 +4290,7 @@ TlsGetVersion ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0); > > > + CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0, 7); > > > } > > > > > > /** > > > @@ -4308,7 +4312,7 @@ TlsGetConnectionEnd ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0); > > > + CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0, 7); > > > } > > > > > > /** > > > @@ -4332,7 +4336,7 @@ TlsGetCurrentCipher ( > > > IN OUT UINT16 *CipherId > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4358,7 +4362,7 @@ TlsGetCurrentCompressionId ( > > > IN OUT UINT8 *CompressionId > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > > CompressionId), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > > > CompressionId), EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4380,7 +4384,7 @@ TlsGetVerify ( > > > IN VOID *Tls > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0); > > > + CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0, 7); > > > } > > > > > > /** > > > @@ -4406,7 +4410,7 @@ TlsGetSessionId ( > > > IN OUT UINT16 *SessionIdLen > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, SessionIdLen), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4427,7 +4431,7 @@ TlsGetClientRandom ( > > > IN OUT UINT8 *ClientRandom > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, > ClientRandom)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, > ClientRandom), > > > 7); > > > } > > > > > > /** > > > @@ -4448,7 +4452,7 @@ TlsGetServerRandom ( > > > IN OUT UINT8 *ServerRandom > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > > ServerRandom)); > > > + CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > > ServerRandom), > > > 7); > > > } > > > > > > /** > > > @@ -4472,7 +4476,7 @@ TlsGetKeyMaterial ( > > > IN OUT UINT8 *KeyMaterial > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4499,7 +4503,7 @@ TlsGetCaCertificate ( > > > IN OUT UINTN *DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4527,7 +4531,7 @@ TlsGetHostPublicCert ( > > > IN OUT UINTN *DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4554,7 +4558,7 @@ TlsGetHostPrivateKey ( > > > IN OUT UINTN *DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4579,7 +4583,7 @@ TlsGetCertRevocationList ( > > > IN OUT UINTN *DataSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > > EFI_UNSUPPORTED); > > > + CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > > EFI_UNSUPPORTED, 7); > > > } > > > > > > /** > > > @@ -4615,7 +4619,8 @@ TlsGetExportKey ( > > > TlsGetExportKey, > > > (Tls, Label, Context, ContextLen, > > > KeyBuffer, KeyBufferLen), > > > - EFI_UNSUPPORTED > > > + EFI_UNSUPPORTED, > > > + 14 > > > ); > > > } > > > > > > @@ -4634,7 +4639,7 @@ BigNumInit ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL, 12); > > > } > > > > > > /** > > > @@ -4652,7 +4657,7 @@ BigNumFromBin ( > > > IN UINTN Len > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL, 12); > > > } > > > > > > /** > > > @@ -4671,7 +4676,7 @@ BigNumToBin ( > > > OUT UINT8 *Buf > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); > > > + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1, 12); > > > } > > > > > > /** > > > @@ -4687,7 +4692,7 @@ BigNumFree ( > > > IN BOOLEAN Clear > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); > > > + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear), 12); > > > } > > > > > > /** > > > @@ -4710,7 +4715,7 @@ BigNumAdd ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -4733,7 +4738,7 @@ BigNumSub ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -4756,7 +4761,7 @@ BigNumMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -4781,7 +4786,7 @@ BigNumExpMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), > FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), > FALSE, > > > 12); > > > } > > > > > > /** > > > @@ -4804,7 +4809,7 @@ BigNumInverseMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), > FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), FALSE, > > > 12); > > > } > > > > > > /** > > > @@ -4827,7 +4832,7 @@ BigNumDiv ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -4852,7 +4857,7 @@ BigNumMulMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), > > FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), > FALSE, > > > 12); > > > } > > > > > > /** > > > @@ -4872,7 +4877,7 @@ BigNumCmp ( > > > IN CONST VOID *BnB > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); > > > + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0, 12); > > > } > > > > > > /** > > > @@ -4888,7 +4893,7 @@ BigNumBits ( > > > IN CONST VOID *Bn > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); > > > + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0, 12); > > > } > > > > > > /** > > > @@ -4904,7 +4909,7 @@ BigNumBytes ( > > > IN CONST VOID *Bn > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); > > > + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0, 12); > > > } > > > > > > /** > > > @@ -4923,7 +4928,7 @@ BigNumIsWord ( > > > IN UINTN Num > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE, 12); > > > } > > > > > > /** > > > @@ -4940,7 +4945,7 @@ BigNumIsOdd ( > > > IN CONST VOID *Bn > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE, 12); > > > } > > > > > > /** > > > @@ -4959,7 +4964,7 @@ BigNumCopy ( > > > IN CONST VOID *BnSrc > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL, 12); > > > } > > > > > > /** > > > @@ -4974,7 +4979,7 @@ BigNumValueOne ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL, 12); > > > } > > > > > > /** > > > @@ -4997,7 +5002,7 @@ BigNumRShift ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE, 12); > > > } > > > > > > /** > > > @@ -5013,7 +5018,7 @@ BigNumConstTime ( > > > IN VOID *Bn > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn)); > > > + CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn), 12); > > > } > > > > > > /** > > > @@ -5036,7 +5041,7 @@ BigNumSqrMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE, > 12); > > > } > > > > > > /** > > > @@ -5052,7 +5057,7 @@ BigNumNewContext ( > > > VOID > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); > > > + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL, 12); > > > } > > > > > > /** > > > @@ -5066,7 +5071,7 @@ BigNumContextFree ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); > > > + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx), 12); > > > } > > > > > > /** > > > @@ -5085,7 +5090,7 @@ BigNumSetUint ( > > > IN UINTN Val > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE, 12); > > > } > > > > > > /** > > > @@ -5108,7 +5113,7 @@ BigNumAddMod ( > > > OUT VOID *BnRes > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > > FALSE); > > > + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > > FALSE, > > > 12); > > > } > > > > > > /** > > > @@ -5128,7 +5133,7 @@ EcGroupInit ( > > > IN UINTN CryptoNid > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); > > > + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL, 13); > > > } > > > > > > /** > > > @@ -5156,7 +5161,7 @@ EcGroupGetCurve ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, > BnB, > > > BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, > BnB, > > > BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5178,7 +5183,7 @@ EcGroupGetOrder ( > > > OUT VOID *BnOrder > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE, > > 13); > > > } > > > > > > /** > > > @@ -5192,7 +5197,7 @@ EcGroupFree ( > > > IN VOID *EcGroup > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); > > > + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup), 13); > > > } > > > > > > /** > > > @@ -5210,7 +5215,7 @@ EcPointInit ( > > > IN CONST VOID *EcGroup > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); > > > + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL, 13); > > > } > > > > > > /** > > > @@ -5226,7 +5231,7 @@ EcPointDeInit ( > > > IN BOOLEAN Clear > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); > > > + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear), 13); > > > } > > > > > > /** > > > @@ -5254,7 +5259,7 @@ EcPointGetAffineCoordinates ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, > EcPoint, > > > BnX, BnY, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, > EcPoint, > > > BnX, BnY, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5279,7 +5284,7 @@ EcPointSetAffineCoordinates ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, > EcPoint, > > > BnX, BnY, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, > EcPoint, > > > BnX, BnY, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5305,7 +5310,7 @@ EcPointAdd ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > > > EcPointB, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, > > > EcPointB, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5331,7 +5336,7 @@ EcPointMul ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > > BnPScalar, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > > BnPScalar, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5352,7 +5357,7 @@ EcPointInvert ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), > FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), > FALSE, > > > 13); > > > } > > > > > > /** > > > @@ -5373,7 +5378,7 @@ EcPointIsOnCurve ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > > FALSE, 13); > > > } > > > > > > /** > > > @@ -5392,7 +5397,7 @@ EcPointIsAtInfinity ( > > > IN CONST VOID *EcPoint > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE, > > 13); > > > } > > > > > > /** > > > @@ -5415,7 +5420,7 @@ EcPointEqual ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > > BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > > BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5445,7 +5450,7 @@ EcPointSetCompressedCoordinates ( > > > IN VOID *BnCtx > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > > > EcPoint, BnX, YBit, BnCtx), FALSE); > > > + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > > > EcPoint, BnX, YBit, BnCtx), FALSE, 13); > > > } > > > > > > /** > > > @@ -5462,7 +5467,7 @@ EcNewByNid ( > > > IN UINTN Nid > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); > > > + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL, 13); > > > } > > > > > > /** > > > @@ -5476,7 +5481,7 @@ EcFree ( > > > IN VOID *EcContext > > > ) > > > { > > > - CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); > > > + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext), 13); > > > } > > > > > > /** > > > @@ -5513,7 +5518,7 @@ EcGenerateKey ( > > > IN OUT UINTN *PublicKeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > > PublicKeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > > PublicKeySize), FALSE, 13); > > > } > > > > > > /** > > > @@ -5538,7 +5543,7 @@ EcGetPubKey ( > > > IN OUT UINTN *PublicKeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > > PublicKeySize), > > > FALSE); > > > + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > > > PublicKeySize), FALSE, 13); > > > } > > > > > > /** > > > @@ -5577,7 +5582,7 @@ EcDhComputeKey ( > > > IN OUT UINTN *KeySize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE); > > > + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE, 13); > > > } > > > > > > /** > > > @@ -5604,7 +5609,7 @@ EcGetPublicKeyFromX509 ( > > > OUT VOID **EcContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > > EcContext), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > > EcContext), FALSE, 15); > > > } > > > > > > /** > > > @@ -5633,7 +5638,7 @@ EcGetPrivateKeyFromPem ( > > > OUT VOID **EcContext > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > > > Password, EcContext), FALSE); > > > + CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, PemSize, > > > Password, EcContext), FALSE, 15); > > > } > > > > > > /** > > > @@ -5676,7 +5681,7 @@ EcDsaSign ( > > > IN OUT UINTN *SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > > > HashSize, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, MessageHash, > > > HashSize, Signature, SigSize), FALSE, 15); > > > } > > > > > > /** > > > @@ -5713,5 +5718,5 @@ EcDsaVerify ( > > > IN UINTN SigSize > > > ) > > > { > > > - CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, > MessageHash, > > > HashSize, Signature, SigSize), FALSE); > > > + CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, > MessageHash, > > > HashSize, Signature, SigSize), FALSE, 15); > > > } > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > index dc7527bb01..fe9cdc0d4d 100644 > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > @@ -49,7 +49,6 @@ DxeCryptLibConstructor ( > > > ) > > > { > > > EFI_STATUS Status; > > > - UINTN Version; > > > > > > Status = gBS->LocateProtocol ( > > > &gEdkiiCryptoProtocolGuid, > > > @@ -65,13 +64,5 @@ DxeCryptLibConstructor ( > > > return EFI_NOT_FOUND; > > > } > > > > > > - Version = mCryptoProtocol->GetVersion (); > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > - DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol unsupported > > > version %d\n", Version)); > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > - mCryptoProtocol = NULL; > > > - return EFI_NOT_FOUND; > > > - } > > > - > > > return EFI_SUCCESS; > > > } > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > index 51f858302f..6ad1d3afe0 100644 > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > @@ -30,7 +30,6 @@ GetCryptoServices ( > > > { > > > EFI_STATUS Status; > > > EDKII_CRYPTO_PPI *CryptoPpi; > > > - UINTN Version; > > > > > > CryptoPpi = NULL; > > > Status = PeiServicesLocatePpi ( > > > @@ -46,12 +45,5 @@ GetCryptoServices ( > > > return NULL; > > > } > > > > > > - Version = CryptoPpi->GetVersion (); > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > - DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported > > > version %d\n", Version)); > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > - return NULL; > > > - } > > > - > > > return (VOID *)CryptoPpi; > > > } > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > index be0f44e63b..6c7c75c8a7 100644 > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > @@ -52,7 +52,6 @@ SmmCryptLibConstructor ( > > > ) > > > { > > > EFI_STATUS Status; > > > - UINTN Version; > > > > > > Status = gSmst->SmmLocateProtocol ( > > > &gEdkiiSmmCryptoProtocolGuid, > > > @@ -67,13 +66,5 @@ SmmCryptLibConstructor ( > > > return EFI_NOT_FOUND; > > > } > > > > > > - Version = mSmmCryptoProtocol->GetVersion (); > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > - DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol > > > unsupported version %d\n", Version)); > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > - mSmmCryptoProtocol = NULL; > > > - return EFI_NOT_FOUND; > > > - } > > > - > > > return EFI_SUCCESS; > > > } > > > -- > > > 2.31.1.windows.1 > > > > > > > > > > > > > > > > > > > > ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible 2023-01-06 15:09 ` Li, Yi @ 2023-01-06 15:19 ` Yao, Jiewen 2023-01-06 18:11 ` Li, Yi 0 siblings, 1 reply; 9+ messages in thread From: Yao, Jiewen @ 2023-01-06 15:19 UTC (permalink / raw) To: Li, Yi1, devel@edk2.groups.io Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Kinney, Michael D > The developers of CryptoConsumer always build binary based on latest platform code. If so, how you guarantee the compatibility between CryptoConsumer and old other platform code? The saftest way is always to build CryptoConsumer with old platform, then replace it with the one in the old platform. > -----Original Message----- > From: Li, Yi1 <yi1.li@intel.com> > Sent: Friday, January 6, 2023 11:09 PM > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > Michael D <michael.d.kinney@intel.com> > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > >However, I am still not sure why the CryptoConsumer need link a higher > version CryptoLib wrapper, if it wants to work with old CryptoBin. > > The developers of CryptoConsumer always build binary based on latest > platform code. > They prefer to keep the integrity of the platform code instead of changing the > CryptoLib wrapper. > > The result is that there will be two binaries on the old platform and the new > platform. > > Thanks, > Yi > > -----Original Message----- > From: Yao, Jiewen <jiewen.yao@intel.com> > Sent: Friday, January 6, 2023 8:14 PM > To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Li, Yi1 > <yi1.li@intel.com> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > Michael D <michael.d.kinney@intel.com> > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > Hi Yi > I believe I have some misunderstanding, after I read the definition again. > According to > https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol > /Crypto.h#L24, the version means "The version of the EDK II Crypto > Protocol." > It is not the version of the implementation. As such, my comment on bug fix > does not stand. I am sorry to bring the confusing. > With that, I don't have a super strong reason to reject, so far. > > However, I am still not sure why the CryptoConsumer need link a higher > version CryptoLib wrapper, if it wants to work with old CryptoBin. > > Thank you > Yao, Jiewen > > > > > -----Original Message----- > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, > > Jiewen > > Sent: Friday, January 6, 2023 7:21 PM > > To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, > > Michael D <michael.d.kinney@intel.com> > > Subject: Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > backward compatible > > > > Perhaps we can ask developers to update the minimum version of > CyptoAPI > > after bug or security fixes. > > > > [Jiewen] First, this is a new requirement. Hard to enforce. > > Second, if you do this, then you *may* need update the CryptoBin, if > > CryptoConsumer is updated. > > Third, it is hard to determine *when* to upgrade the MinVersion, > especially > > when a bug fix is in the dependency module. For example, the code in > > CryptoPkg does not update, but the MdePkg update, which may cause the > > CryptoBin update. Should we update MinVersion? It will bring a burden to > > the one who maintains the MinVersion. > > > > I believe it will create more potential compatibility problem. > > > > > > One more question: > > If you want to update CryptoConsumer, but keep CryptoBin. Why you want > > to link a higher version of CryptoLib wrapper? Why not use the old version > > CryptoLib wrapper? > > > > Thank you > > Yao, Jiewen > > > > > -----Original Message----- > > > From: Li, Yi1 <yi1.li@intel.com> > > > Sent: Friday, January 6, 2023 7:07 PM > > > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > > > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; > Kinney, > > > Michael D <michael.d.kinney@intel.com> > > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service > API > > > backward compatible > > > > > > Hi Jiewen, > > > > > > Thanks for feedback. > > > > > > >If you can upgrade the CryptoConsumer, why not upgrade the CryptoBin > > at > > > the same time? > > > > > > 1. CryptoConsumer and CryptoBin are usually delivered by different > people. > > > For example, some features that require CryptoBin are responsible for by > > an > > > independent team, but Cyptobin is responsible for the platform as part of > > > the platform firmware. > > > > > > 2. In the actual development process, the update of CryptoBin is often > > > difficult due to reasons such as binary size or freeze of platform code, > > > especially on older platforms, which will cause the feature development > > > team to have to maintain multiple feature versions based on different > EDK2 > > > CyptoPkg. > > > > > > > But it is NOT TRUE, if you care the implementation of API. Maybe the > > higher > > > version of an API fixed some bug, or add some new features. > > > > > > Perhaps we can ask developers to update the minimum version of > > CyptoAPI > > > after bug or security fixes. > > > > > > Thanks, > > > Yi > > > > > > -----Original Message----- > > > From: Yao, Jiewen <jiewen.yao@intel.com> > > > Sent: Friday, January 6, 2023 6:06 PM > > > To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 > > > <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; > Kinney, > > > Michael D <michael.d.kinney@intel.com> > > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service > API > > > backward compatible > > > > > > Thanks Yi. > > > You raised a very interesting question. > > > > > > + Mike Kinney, to comment from the requirement perspective. > > > > > > The original design is very simple: CryptoBin.Version >= > > > CryptoConsumer.Version. > > > > > > Now you want to handle the case that: CryptoConsumer.Version > > > > CryptoBin.Version, but the CryptoConsumer.Api is already present in > > > CryptoBin.Api. > > > To me, the hidden assumption is that: As long as an API is present, it will > be > > > used. The version of the API is not cared. > > > > > > This is only TRUE, if you only care the API is present or absent. > > > But it is NOT TRUE, if you care the implementation of API. Maybe the > higher > > > version of an API fixed some bug, or add some new features. > > > > > > I believe this is very dangerous downgrade. I don't recommend we do it. > > > Mike, what do you think? > > > > > > Question to Yi: If you can upgrade the CryptoConsumer, why not upgrade > > the > > > CryptoBin at the same time? > > > > > > Thank you > > > Yao, Jiewen > > > > > > > -----Original Message----- > > > > From: Li, Yi1 <yi1.li@intel.com> > > > > Sent: Wednesday, January 4, 2023 10:03 AM > > > > To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com> > > > > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J > > > > <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, > > > > Guomin <guomin.jiang@intel.com> > > > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service > > API > > > > backward compatible > > > > > > > > Hi, any comments about this BZ and patch? > > > > Code link: https://github.com/tianocore/edk2/pull/3787 > > > > > > > > -----Original Message----- > > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Li, > Yi > > > > Sent: Monday, December 19, 2022 2:24 PM > > > > To: devel@edk2.groups.io > > > > Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; > Wang, > > > > Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; > > Jiang, > > > > Guomin <guomin.jiang@intel.com> > > > > Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > > > backward compatible > > > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4197 > > > > > > > > Using older Crypto protocol will be allowed. > > > > Each function wrapper will be annotated to require a minimum > required > > > > version of the crypto protocol and assert if called when the version is > > > > not compatible. > > > > Ths minimum version difined as the version when the API was > introduced. > > > > Details: > > > > ///Parallel hash: MinVersion 8 > > > > ParallelHash256HashAll, > > > > /// HMAC SHA256 (continued): MinVersion 9 > > > > HmacSha256All, > > > > /// HMAC SHA384: MinVersion 9 > > > > HmacSha384New, > > > > ... > > > > HmacSha384All, > > > > /// HKDF (continued): MinVersion 10 > > > > HkdfSha256Extract, > > > > ... > > > > HkdfSha384Expand, > > > > /// Aead Aes GCM: MinVersion 11 > > > > AeadAesGcmEncrypt, > > > > AeadAesGcmDecrypt, > > > > /// Big Numbers: MinVersion 12 > > > > BigNumInit, > > > > ... > > > > BigNumAddMod, > > > > /// EC: MinVersion 13 > > > > EcGroupInit, > > > > ... > > > > EcDhComputeKey, > > > > /// TLS (continued): MinVersion 14 > > > > TlsShutdown, > > > > ... > > > > TlsGetExportKey, > > > > /// Ec (Continued): MinVersion 15 > > > > EcGetPublicKeyFromX509, > > > > ... > > > > EcDsaVerify, > > > > /// X509 (Continued): MinVersion 16 > > > > X509GetVersion, > > > > ... > > > > X509GetExtendedBasicConstraints > > > > /// Others: MinVersion 7 > > > > > > > > Cc: Jiewen Yao <jiewen.yao@intel.com> > > > > Cc: Jian J Wang <jian.j.wang@intel.com> > > > > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> > > > > Cc: Guomin Jiang <guomin.jiang@intel.com> > > > > Signed-off-by: Yi Li <yi1.li@intel.com> > > > > --- > > > > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 449 +++++++++--------- > > > > .../BaseCryptLibOnProtocolPpi/DxeCryptLib.c | 9 - > > > > .../BaseCryptLibOnProtocolPpi/PeiCryptLib.c | 8 - > > > > .../BaseCryptLibOnProtocolPpi/SmmCryptLib.c | 9 - > > > > 4 files changed, 227 insertions(+), 248 deletions(-) > > > > > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > > index 4e31bc278e..e470a0f0d4 100644 > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > > @@ -24,18 +24,20 @@ > > > > @param Args The argument list to pass to Function. > > > > @param ErrorReturnValue The value to return if the protocol is NULL > > or > > > > the > > > > service in the protocol is NULL. > > > > - > > > > -**/ > > > > -#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue) > \ > > > > - do { \ > > > > - EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > > - \ > > > > - CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > > \ > > > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > > > - return (CryptoServices->Function) Args; \ > > > > - } \ > > > > - CryptoServiceNotAvailable (#Function); \ > > > > - return ErrorReturnValue; \ > > > > + @param MinVersion The minimum protocol version that > supports > > > the > > > > API. > > > > + > > > > +**/ > > > > +#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue, > > > > MinVersion) \ > > > > + do { \ > > > > + EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > > + \ > > > > + CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > > > \ > > > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && > > \ > > > > + CryptoServices->GetVersion () >= MinVersion) { \ > > > > + return (CryptoServices->Function) Args; \ > > > > + } \ > > > > + CryptoServiceNotAvailable (#Function); \ > > > > + return ErrorReturnValue; \ > > > > } while (FALSE); > > > > > > > > /** > > > > @@ -45,14 +47,16 @@ > > > > > > > > @param Function Name of the EDK II Crypto Protocol service to > > call. > > > > @param Args The argument list to pass to Function. > > > > + @param MinVersion The minimum protocol version that > supports > > > the > > > > API. > > > > > > > > **/ > > > > -#define CALL_VOID_CRYPTO_SERVICE(Function, Args) \ > > > > +#define CALL_VOID_CRYPTO_SERVICE(Function, Args, MinVersion) > > \ > > > > do { \ > > > > EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > > \ > > > > CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > \ > > > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && > \ > > > > + CryptoServices->GetVersion () >= MinVersion) { \ > > > > (CryptoServices->Function) Args; \ > > > > return; \ > > > > } \ > > > > @@ -116,7 +120,7 @@ Md5GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -139,7 +143,7 @@ Md5Init ( > > > > OUT VOID *Md5Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -164,7 +168,7 @@ Md5Duplicate ( > > > > OUT VOID *NewMd5Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, > NewMd5Context), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, > > NewMd5Context), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -195,7 +199,7 @@ Md5Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -227,7 +231,7 @@ Md5Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE, > 7); > > > > } > > > > > > > > /** > > > > @@ -256,7 +260,7 @@ Md5HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > #endif > > > > @@ -278,7 +282,7 @@ Sha1GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -301,7 +305,7 @@ Sha1Init ( > > > > OUT VOID *Sha1Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -326,7 +330,7 @@ Sha1Duplicate ( > > > > OUT VOID *NewSha1Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, > > NewSha1Context), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, > > NewSha1Context), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -357,7 +361,7 @@ Sha1Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -389,7 +393,7 @@ Sha1Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE, > > 7); > > > > } > > > > > > > > /** > > > > @@ -418,7 +422,7 @@ Sha1HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > #endif > > > > @@ -435,7 +439,7 @@ Sha256GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -456,7 +460,7 @@ Sha256Init ( > > > > OUT VOID *Sha256Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -481,7 +485,7 @@ Sha256Duplicate ( > > > > OUT VOID *NewSha256Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > > > NewSha256Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > > > NewSha256Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -510,7 +514,7 @@ Sha256Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, > > DataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, > > DataSize), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -540,7 +544,7 @@ Sha256Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -569,7 +573,7 @@ Sha256HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -584,7 +588,7 @@ Sha384GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -605,7 +609,7 @@ Sha384Init ( > > > > OUT VOID *Sha384Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -630,7 +634,7 @@ Sha384Duplicate ( > > > > OUT VOID *NewSha384Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > > > NewSha384Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > > > NewSha384Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -659,7 +663,7 @@ Sha384Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, > > DataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, > > DataSize), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -689,7 +693,7 @@ Sha384Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -718,7 +722,7 @@ Sha384HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -733,7 +737,7 @@ Sha512GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -754,7 +758,7 @@ Sha512Init ( > > > > OUT VOID *Sha512Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -779,7 +783,7 @@ Sha512Duplicate ( > > > > OUT VOID *NewSha512Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > > > NewSha512Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > > > NewSha512Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -808,7 +812,7 @@ Sha512Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, > > DataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, > > DataSize), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -838,7 +842,7 @@ Sha512Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -867,7 +871,7 @@ Sha512HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -899,7 +903,7 @@ ParallelHash256HashAll ( > > > > IN UINTN CustomByteLen > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, > InputByteLen, > > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), > FALSE, > > > 8); > > > > } > > > > > > > > /** > > > > @@ -914,7 +918,7 @@ Sm3GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -935,7 +939,7 @@ Sm3Init ( > > > > OUT VOID *Sm3Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -960,7 +964,7 @@ Sm3Duplicate ( > > > > OUT VOID *NewSm3Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, > NewSm3Context), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, > NewSm3Context), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -989,7 +993,7 @@ Sm3Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -1019,7 +1023,7 @@ Sm3Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE, > 7); > > > > } > > > > > > > > /** > > > > @@ -1048,7 +1052,7 @@ Sm3HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -1068,7 +1072,7 @@ HmacSha256New ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL); > > > > + CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -1083,7 +1087,7 @@ HmacSha256Free ( > > > > IN VOID *HmacSha256Ctx > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx)); > > > > + CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx), > 7); > > > > } > > > > > > > > /** > > > > @@ -1110,7 +1114,7 @@ HmacSha256SetKey ( > > > > IN UINTN KeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, > Key, > > > > KeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, > Key, > > > > KeySize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1135,7 +1139,7 @@ HmacSha256Duplicate ( > > > > OUT VOID *NewHmacSha256Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > > > NewHmacSha256Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > > > NewHmacSha256Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1166,7 +1170,7 @@ HmacSha256Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, > > Data, > > > > DataSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, > > > Data, > > > > DataSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1198,7 +1202,7 @@ HmacSha256Final ( > > > > OUT UINT8 *HmacValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > > > HmacValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > > > HmacValue), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1231,7 +1235,7 @@ HmacSha256All ( > > > > OUT UINT8 *HmacValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > > > HmacValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > > > HmacValue), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1247,7 +1251,7 @@ HmacSha384New ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); > > > > + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL, 9); > > > > } > > > > > > > > /** > > > > @@ -1262,7 +1266,7 @@ HmacSha384Free ( > > > > IN VOID *HmacSha384Ctx > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); > > > > + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx), > 9); > > > > } > > > > > > > > /** > > > > @@ -1289,7 +1293,7 @@ HmacSha384SetKey ( > > > > IN UINTN KeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, > Key, > > > > KeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, > Key, > > > > KeySize), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1314,7 +1318,7 @@ HmacSha384Duplicate ( > > > > OUT VOID *NewHmacSha384Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > > > NewHmacSha384Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > > > NewHmacSha384Context), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1345,7 +1349,7 @@ HmacSha384Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, > > Data, > > > > DataSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, > > > Data, > > > > DataSize), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1377,7 +1381,7 @@ HmacSha384Final ( > > > > OUT UINT8 *HmacValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > > > HmacValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > > > HmacValue), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1410,7 +1414,7 @@ HmacSha384All ( > > > > OUT UINT8 *HmacValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > > > HmacValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > > > HmacValue), FALSE, 9); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -1432,7 +1436,7 @@ AesGetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -1465,7 +1469,7 @@ AesInit ( > > > > IN UINTN KeyLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE, > > 7); > > > > } > > > > > > > > /** > > > > @@ -1507,7 +1511,7 @@ AesCbcEncrypt ( > > > > OUT UINT8 *Output > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > > > Ivec, > > > > Output), FALSE); > > > > + CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > > > Ivec, > > > > Output), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1549,7 +1553,7 @@ AesCbcDecrypt ( > > > > OUT UINT8 *Output > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > > > Ivec, > > > > Output), FALSE); > > > > + CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, > InputSize, > > > > Ivec, Output), FALSE, 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -1597,7 +1601,7 @@ AeadAesGcmEncrypt ( > > > > OUT UINTN *DataOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > > > DataOutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > > > DataOutSize), FALSE, 11); > > > > } > > > > > > > > /** > > > > @@ -1642,7 +1646,7 @@ AeadAesGcmDecrypt ( > > > > OUT UINTN *DataOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, > > DataOutSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, > > DataOutSize), > > > > FALSE, 11); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -1662,7 +1666,7 @@ RsaNew ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaNew, (), NULL); > > > > + CALL_CRYPTO_SERVICE (RsaNew, (), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -1679,7 +1683,7 @@ RsaFree ( > > > > IN VOID *RsaContext > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext)); > > > > + CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext), 7); > > > > } > > > > > > > > /** > > > > @@ -1713,7 +1717,7 @@ RsaSetKey ( > > > > IN UINTN BnSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > > > BnSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > > > BnSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1753,7 +1757,7 @@ RsaGetKey ( > > > > IN OUT UINTN *BnSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > > > BnSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > > > BnSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1788,7 +1792,7 @@ RsaGenerateKey ( > > > > IN UINTN PublicExponentSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, > ModulusLength, > > > > PublicExponent, PublicExponentSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, > ModulusLength, > > > > PublicExponent, PublicExponentSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1818,7 +1822,7 @@ RsaCheckKey ( > > > > IN VOID *RsaContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1858,7 +1862,7 @@ RsaPkcs1Sign ( > > > > IN OUT UINTN *SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > > > HashSize, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > > > HashSize, Signature, SigSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1890,7 +1894,7 @@ RsaPkcs1Verify ( > > > > IN UINTN SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > > > HashSize, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > > > HashSize, Signature, SigSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1923,7 +1927,7 @@ RsaPssVerify ( > > > > IN UINT16 SaltLen > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > > > Signature, SigSize, DigestLen, SaltLen), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > > > Signature, SigSize, DigestLen, SaltLen), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1968,7 +1972,7 @@ RsaPssSign ( > > > > IN OUT UINTN *SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > > > DigestLen, SaltLen, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > > > DigestLen, SaltLen, Signature, SigSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1999,7 +2003,7 @@ RsaGetPrivateKeyFromPem ( > > > > OUT VOID **RsaContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, > > PemSize, > > > > Password, RsaContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, > > PemSize, > > > > Password, RsaContext), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2028,7 +2032,7 @@ RsaGetPublicKeyFromX509 ( > > > > OUT VOID **RsaContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > > > RsaContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > > > RsaContext), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2059,7 +2063,7 @@ X509GetSubjectName ( > > > > IN OUT UINTN *SubjectSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > > > CertSubject, > > > > SubjectSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > > > CertSubject, > > > > SubjectSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2097,7 +2101,7 @@ X509GetCommonName ( > > > > IN OUT UINTN *CommonNameSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > > > CommonName, CommonNameSize), RETURN_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > > > CommonName, CommonNameSize), RETURN_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -2135,7 +2139,7 @@ X509GetOrganizationName ( > > > > IN OUT UINTN *NameBufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -2165,7 +2169,7 @@ X509VerifyCert ( > > > > IN UINTN CACertSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > > > CACertSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > > > CACertSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2192,7 +2196,7 @@ X509ConstructCertificate ( > > > > OUT UINT8 **SingleX509Cert > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > > > SingleX509Cert), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > > > SingleX509Cert), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2256,7 +2260,7 @@ X509ConstructCertificateStackV ( > > > > IN VA_LIST Args > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > > > Args), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > > > Args), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2273,7 +2277,7 @@ X509Free ( > > > > IN VOID *X509Cert > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert)); > > > > + CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert), 7); > > > > } > > > > > > > > /** > > > > @@ -2290,7 +2294,7 @@ X509StackFree ( > > > > IN VOID *X509Stack > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack)); > > > > + CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack), 7); > > > > } > > > > > > > > /** > > > > @@ -2319,7 +2323,7 @@ X509GetTBSCert ( > > > > OUT UINTN *TBSCertSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > > > TBSCertSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > > > TBSCertSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2346,7 +2350,7 @@ X509GetVersion ( > > > > OUT UINTN *Version > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), > > FALSE, > > > > 16); > > > > } > > > > > > > > /** > > > > @@ -2381,7 +2385,7 @@ X509GetSerialNumber ( > > > > IN OUT UINTN *SerialNumberSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > > > SerialNumber, SerialNumberSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > > > SerialNumber, SerialNumberSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2412,7 +2416,7 @@ X509GetIssuerName ( > > > > IN OUT UINTN *CertIssuerSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, > CertIssuer, > > > > CertIssuerSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, > > CertIssuer, > > > > CertIssuerSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2442,7 +2446,7 @@ X509GetSignatureAlgorithm ( > > > > IN OUT UINTN *OidSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, > > Oid, > > > > OidSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, > > Oid, > > > > OidSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2476,7 +2480,7 @@ X509GetExtensionData ( > > > > IN OUT UINTN *ExtensionDataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > > > OidSize, ExtensionData, ExtensionDataSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > > > OidSize, ExtensionData, ExtensionDataSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2505,7 +2509,7 @@ X509GetExtendedKeyUsage ( > > > > IN OUT UINTN *UsageSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > > > Usage, > > > > UsageSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > > > Usage, > > > > UsageSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2540,7 +2544,7 @@ X509GetValidity ( > > > > IN OUT UINTN *ToSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, > > FromSize, > > > > To, ToSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, > > FromSize, > > > > To, ToSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2574,7 +2578,7 @@ X509FormatDateTime ( > > > > IN OUT UINTN *DateTimeSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, > DateTime, > > > > DateTimeSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, > DateTime, > > > > DateTimeSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2600,7 +2604,7 @@ X509CompareDateTime ( > > > > IN CONST VOID *DateTime2 > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > > > DateTime2), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > > > DateTime2), > > > > FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2622,7 +2626,7 @@ X509GetKeyUsage ( > > > > OUT UINTN *Usage > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), > > FALSE, > > > > 16); > > > > } > > > > > > > > /** > > > > @@ -2650,7 +2654,7 @@ X509VerifyCertChain ( > > > > IN UINTN CertChainLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, > > RootCertLength, > > > > CertChain, CertChainLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, > > RootCertLength, > > > > CertChain, CertChainLength), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2681,7 +2685,7 @@ X509GetCertFromCertChain ( > > > > OUT UINTN *CertLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > > > CertChainLength, CertIndex, Cert, CertLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > > > CertChainLength, CertIndex, Cert, CertLength), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2704,7 +2708,7 @@ Asn1GetTag ( > > > > IN UINT32 Tag > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE); > > > > + CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE, > 16); > > > > } > > > > > > > > /** > > > > @@ -2734,7 +2738,7 @@ X509GetExtendedBasicConstraints ( > > > > UINTN *BasicConstraintsSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > > > CertSize, > > > > BasicConstraints, BasicConstraintsSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > > > CertSize, > > > > BasicConstraints, BasicConstraintsSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2777,7 +2781,7 @@ Pkcs5HashPassword ( > > > > OUT UINT8 *OutKey > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > > > Password, > > > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > > > Password, > > > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE, > 7); > > > > } > > > > > > > > /** > > > > @@ -2822,7 +2826,7 @@ Pkcs1v2Encrypt ( > > > > OUT UINTN *EncryptedDataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, > > InData, > > > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, > > > InData, > > > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2862,7 +2866,7 @@ Pkcs7GetSigners ( > > > > OUT UINTN *CertLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, > CertStack, > > > > StackLength, TrustedCert, CertLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, > CertStack, > > > > StackLength, TrustedCert, CertLength), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2879,7 +2883,7 @@ Pkcs7FreeSigners ( > > > > IN UINT8 *Certs > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs)); > > > > + CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs), 7); > > > > } > > > > > > > > /** > > > > @@ -2915,7 +2919,7 @@ Pkcs7GetCertificatesList ( > > > > OUT UINTN *UnchainLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE, > 7); > > > > } > > > > > > > > /** > > > > @@ -2959,7 +2963,7 @@ Pkcs7Sign ( > > > > OUT UINTN *SignedDataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > > > SignedDataSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > > > SignedDataSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2995,7 +2999,7 @@ Pkcs7Verify ( > > > > IN UINTN DataLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > > > CertLength, InData, DataLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > > > CertLength, InData, DataLength), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3040,7 +3044,7 @@ VerifyEKUsInPkcs7Signature ( > > > > IN BOOLEAN RequireAllPresent > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -3072,7 +3076,7 @@ Pkcs7GetAttachedContent ( > > > > OUT UINTN *ContentSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > > > > Content, ContentSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, > P7Length, > > > > Content, ContentSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3110,7 +3114,7 @@ AuthenticodeVerify ( > > > > IN UINTN HashSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > > > TrustedCert, CertSize, ImageHash, HashSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > > > TrustedCert, CertSize, ImageHash, HashSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3143,7 +3147,7 @@ ImageTimestampVerify ( > > > > OUT EFI_TIME *SigningTime > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > > > TsaCert, CertSize, SigningTime), FALSE); > > > > + CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > > > TsaCert, CertSize, SigningTime), FALSE, 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -3164,7 +3168,7 @@ DhNew ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhNew, (), NULL); > > > > + CALL_CRYPTO_SERVICE (DhNew, (), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -3181,7 +3185,7 @@ DhFree ( > > > > IN VOID *DhContext > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext)); > > > > + CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext), 7); > > > > } > > > > > > > > /** > > > > @@ -3217,7 +3221,7 @@ DhGenerateParameter ( > > > > OUT UINT8 *Prime > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, > Generator, > > > > PrimeLength, Prime), FALSE); > > > > + CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, > Generator, > > > > PrimeLength, Prime), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3252,7 +3256,7 @@ DhSetParameter ( > > > > IN CONST UINT8 *Prime > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > > > PrimeLength, Prime), FALSE); > > > > + CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > > > PrimeLength, Prime), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3287,7 +3291,7 @@ DhGenerateKey ( > > > > IN OUT UINTN *PublicKeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > > > PublicKeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > > > PublicKeySize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3326,7 +3330,7 @@ DhComputeKey ( > > > > IN OUT UINTN *KeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > > > PeerPublicKeySize, Key, KeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > > > PeerPublicKeySize, Key, KeySize), FALSE, 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -3358,7 +3362,7 @@ RandomSeed ( > > > > IN UINTN SeedSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3382,7 +3386,7 @@ RandomBytes ( > > > > IN UINTN Size > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); > > > > + CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE, 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -3418,7 +3422,7 @@ HkdfSha256ExtractAndExpand ( > > > > IN UINTN OutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > > > Salt, > > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > > > Salt, > > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3446,7 +3450,7 @@ HkdfSha256Extract ( > > > > UINTN PrkOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, > SaltSize, > > > > PrkOut, PrkOutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, > SaltSize, > > > > PrkOut, PrkOutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3474,7 +3478,7 @@ HkdfSha256Expand ( > > > > IN UINTN OutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, > InfoSize, > > > > Out, OutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, > > InfoSize, > > > > Out, OutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3506,7 +3510,7 @@ HkdfSha384ExtractAndExpand ( > > > > IN UINTN OutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > > > Salt, > > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > > > Salt, > > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3534,7 +3538,7 @@ HkdfSha384Extract ( > > > > UINTN PrkOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, > SaltSize, > > > > PrkOut, PrkOutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, > SaltSize, > > > > PrkOut, PrkOutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3562,7 +3566,7 @@ HkdfSha384Expand ( > > > > IN UINTN OutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, > InfoSize, > > > > Out, OutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, > > InfoSize, > > > > Out, OutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3582,7 +3586,7 @@ TlsInitialize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE); > > > > + CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3597,7 +3601,7 @@ TlsCtxFree ( > > > > IN VOID *TlsCtx > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx), 7); > > > > } > > > > > > > > /** > > > > @@ -3618,7 +3622,7 @@ TlsCtxNew ( > > > > IN UINT8 MinorVer > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL); > > > > + CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -3636,7 +3640,7 @@ TlsFree ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls), 7); > > > > } > > > > > > > > /** > > > > @@ -3658,7 +3662,7 @@ TlsNew ( > > > > IN VOID *TlsCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL); > > > > + CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -3678,7 +3682,7 @@ TlsInHandshake ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE); > > > > + CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3717,7 +3721,7 @@ TlsDoHandshake ( > > > > IN OUT UINTN *BufferOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3755,7 +3759,7 @@ TlsHandleAlert ( > > > > IN OUT UINTN *BufferOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3784,7 +3788,7 @@ TlsCloseNotify ( > > > > IN OUT UINTN *BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3809,7 +3813,7 @@ TlsCtrlTrafficOut ( > > > > IN UINTN BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0); > > > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0, > 7); > > > > } > > > > > > > > /** > > > > @@ -3834,7 +3838,7 @@ TlsCtrlTrafficIn ( > > > > IN UINTN BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0); > > > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -3860,7 +3864,7 @@ TlsRead ( > > > > IN UINTN BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0); > > > > + CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -3886,7 +3890,7 @@ TlsWrite ( > > > > IN UINTN BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0); > > > > + CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -3908,7 +3912,7 @@ TlsShutdown ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -3933,7 +3937,7 @@ TlsSetVersion ( > > > > IN UINT8 MinorVer > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3956,7 +3960,7 @@ TlsSetConnectionEnd ( > > > > IN BOOLEAN IsServer > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3985,7 +3989,7 @@ TlsSetCipherList ( > > > > IN UINTN CipherNum > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4006,7 +4010,7 @@ TlsSetCompressionMethod ( > > > > IN UINT8 CompMethod > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4025,7 +4029,7 @@ TlsSetVerify ( > > > > IN UINT32 VerifyMode > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode), 7); > > > > } > > > > > > > > /** > > > > @@ -4048,7 +4052,7 @@ TlsSetVerifyHost ( > > > > IN CHAR8 *HostName > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4074,7 +4078,7 @@ TlsSetSessionId ( > > > > IN UINT16 SessionIdLen > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, > SessionIdLen), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4102,7 +4106,7 @@ TlsSetCaCertificate ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4130,7 +4134,7 @@ TlsSetHostPublicCert ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4160,7 +4164,7 @@ TlsSetHostPrivateKeyEx ( > > > > IN VOID *Password OPTIONAL > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > > > Password), EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > > > Password), EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -4187,7 +4191,7 @@ TlsSetHostPrivateKey ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -4211,7 +4215,7 @@ TlsSetCertRevocationList ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4239,7 +4243,7 @@ TlsSetSignatureAlgoList ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -4264,7 +4268,7 @@ TlsSetEcCurve ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetEcCurve, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -4286,7 +4290,7 @@ TlsGetVersion ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0); > > > > + CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -4308,7 +4312,7 @@ TlsGetConnectionEnd ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0); > > > > + CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -4332,7 +4336,7 @@ TlsGetCurrentCipher ( > > > > IN OUT UINT16 *CipherId > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4358,7 +4362,7 @@ TlsGetCurrentCompressionId ( > > > > IN OUT UINT8 *CompressionId > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > > > CompressionId), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > > > > CompressionId), EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4380,7 +4384,7 @@ TlsGetVerify ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0); > > > > + CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -4406,7 +4410,7 @@ TlsGetSessionId ( > > > > IN OUT UINT16 *SessionIdLen > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, > SessionIdLen), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, > SessionIdLen), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4427,7 +4431,7 @@ TlsGetClientRandom ( > > > > IN OUT UINT8 *ClientRandom > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, > > ClientRandom)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, > > ClientRandom), > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -4448,7 +4452,7 @@ TlsGetServerRandom ( > > > > IN OUT UINT8 *ServerRandom > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > > > ServerRandom)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > > > ServerRandom), > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -4472,7 +4476,7 @@ TlsGetKeyMaterial ( > > > > IN OUT UINT8 *KeyMaterial > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4499,7 +4503,7 @@ TlsGetCaCertificate ( > > > > IN OUT UINTN *DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4527,7 +4531,7 @@ TlsGetHostPublicCert ( > > > > IN OUT UINTN *DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4554,7 +4558,7 @@ TlsGetHostPrivateKey ( > > > > IN OUT UINTN *DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4579,7 +4583,7 @@ TlsGetCertRevocationList ( > > > > IN OUT UINTN *DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4615,7 +4619,8 @@ TlsGetExportKey ( > > > > TlsGetExportKey, > > > > (Tls, Label, Context, ContextLen, > > > > KeyBuffer, KeyBufferLen), > > > > - EFI_UNSUPPORTED > > > > + EFI_UNSUPPORTED, > > > > + 14 > > > > ); > > > > } > > > > > > > > @@ -4634,7 +4639,7 @@ BigNumInit ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -4652,7 +4657,7 @@ BigNumFromBin ( > > > > IN UINTN Len > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -4671,7 +4676,7 @@ BigNumToBin ( > > > > OUT UINT8 *Buf > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); > > > > + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1, 12); > > > > } > > > > > > > > /** > > > > @@ -4687,7 +4692,7 @@ BigNumFree ( > > > > IN BOOLEAN Clear > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); > > > > + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear), 12); > > > > } > > > > > > > > /** > > > > @@ -4710,7 +4715,7 @@ BigNumAdd ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4733,7 +4738,7 @@ BigNumSub ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4756,7 +4761,7 @@ BigNumMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4781,7 +4786,7 @@ BigNumExpMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), > > FALSE, > > > > 12); > > > > } > > > > > > > > /** > > > > @@ -4804,7 +4809,7 @@ BigNumInverseMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), > FALSE, > > > > 12); > > > > } > > > > > > > > /** > > > > @@ -4827,7 +4832,7 @@ BigNumDiv ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4852,7 +4857,7 @@ BigNumMulMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), > > FALSE, > > > > 12); > > > > } > > > > > > > > /** > > > > @@ -4872,7 +4877,7 @@ BigNumCmp ( > > > > IN CONST VOID *BnB > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); > > > > + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0, 12); > > > > } > > > > > > > > /** > > > > @@ -4888,7 +4893,7 @@ BigNumBits ( > > > > IN CONST VOID *Bn > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); > > > > + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0, 12); > > > > } > > > > > > > > /** > > > > @@ -4904,7 +4909,7 @@ BigNumBytes ( > > > > IN CONST VOID *Bn > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); > > > > + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0, 12); > > > > } > > > > > > > > /** > > > > @@ -4923,7 +4928,7 @@ BigNumIsWord ( > > > > IN UINTN Num > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4940,7 +4945,7 @@ BigNumIsOdd ( > > > > IN CONST VOID *Bn > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4959,7 +4964,7 @@ BigNumCopy ( > > > > IN CONST VOID *BnSrc > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -4974,7 +4979,7 @@ BigNumValueOne ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -4997,7 +5002,7 @@ BigNumRShift ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -5013,7 +5018,7 @@ BigNumConstTime ( > > > > IN VOID *Bn > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn)); > > > > + CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn), 12); > > > > } > > > > > > > > /** > > > > @@ -5036,7 +5041,7 @@ BigNumSqrMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE, > > 12); > > > > } > > > > > > > > /** > > > > @@ -5052,7 +5057,7 @@ BigNumNewContext ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -5066,7 +5071,7 @@ BigNumContextFree ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); > > > > + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx), 12); > > > > } > > > > > > > > /** > > > > @@ -5085,7 +5090,7 @@ BigNumSetUint ( > > > > IN UINTN Val > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -5108,7 +5113,7 @@ BigNumAddMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > > > FALSE, > > > > 12); > > > > } > > > > > > > > /** > > > > @@ -5128,7 +5133,7 @@ EcGroupInit ( > > > > IN UINTN CryptoNid > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); > > > > + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL, 13); > > > > } > > > > > > > > /** > > > > @@ -5156,7 +5161,7 @@ EcGroupGetCurve ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, > > BnB, > > > > BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, > > BnB, > > > > BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5178,7 +5183,7 @@ EcGroupGetOrder ( > > > > OUT VOID *BnOrder > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), > FALSE, > > > 13); > > > > } > > > > > > > > /** > > > > @@ -5192,7 +5197,7 @@ EcGroupFree ( > > > > IN VOID *EcGroup > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); > > > > + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup), 13); > > > > } > > > > > > > > /** > > > > @@ -5210,7 +5215,7 @@ EcPointInit ( > > > > IN CONST VOID *EcGroup > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); > > > > + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL, 13); > > > > } > > > > > > > > /** > > > > @@ -5226,7 +5231,7 @@ EcPointDeInit ( > > > > IN BOOLEAN Clear > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); > > > > + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear), 13); > > > > } > > > > > > > > /** > > > > @@ -5254,7 +5259,7 @@ EcPointGetAffineCoordinates ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, > > EcPoint, > > > > BnX, BnY, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, > > EcPoint, > > > > BnX, BnY, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5279,7 +5284,7 @@ EcPointSetAffineCoordinates ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, > > EcPoint, > > > > BnX, BnY, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, > > EcPoint, > > > > BnX, BnY, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5305,7 +5310,7 @@ EcPointAdd ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, > EcPointA, > > > > EcPointB, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, > EcPointA, > > > > EcPointB, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5331,7 +5336,7 @@ EcPointMul ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > > > BnPScalar, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > > > BnPScalar, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5352,7 +5357,7 @@ EcPointInvert ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), > > FALSE, > > > > 13); > > > > } > > > > > > > > /** > > > > @@ -5373,7 +5378,7 @@ EcPointIsOnCurve ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > > > FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5392,7 +5397,7 @@ EcPointIsAtInfinity ( > > > > IN CONST VOID *EcPoint > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE, > > > 13); > > > > } > > > > > > > > /** > > > > @@ -5415,7 +5420,7 @@ EcPointEqual ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > > > BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > > > BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5445,7 +5450,7 @@ EcPointSetCompressedCoordinates ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > > > > EcPoint, BnX, YBit, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, > (EcGroup, > > > > EcPoint, BnX, YBit, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5462,7 +5467,7 @@ EcNewByNid ( > > > > IN UINTN Nid > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); > > > > + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL, 13); > > > > } > > > > > > > > /** > > > > @@ -5476,7 +5481,7 @@ EcFree ( > > > > IN VOID *EcContext > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); > > > > + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext), 13); > > > > } > > > > > > > > /** > > > > @@ -5513,7 +5518,7 @@ EcGenerateKey ( > > > > IN OUT UINTN *PublicKeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > > > PublicKeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > > > PublicKeySize), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5538,7 +5543,7 @@ EcGetPubKey ( > > > > IN OUT UINTN *PublicKeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > > > PublicKeySize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > > > > PublicKeySize), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5577,7 +5582,7 @@ EcDhComputeKey ( > > > > IN OUT UINTN *KeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5604,7 +5609,7 @@ EcGetPublicKeyFromX509 ( > > > > OUT VOID **EcContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > > > EcContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > > > EcContext), FALSE, 15); > > > > } > > > > > > > > /** > > > > @@ -5633,7 +5638,7 @@ EcGetPrivateKeyFromPem ( > > > > OUT VOID **EcContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, > PemSize, > > > > Password, EcContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, > PemSize, > > > > Password, EcContext), FALSE, 15); > > > > } > > > > > > > > /** > > > > @@ -5676,7 +5681,7 @@ EcDsaSign ( > > > > IN OUT UINTN *SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, > MessageHash, > > > > HashSize, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, > MessageHash, > > > > HashSize, Signature, SigSize), FALSE, 15); > > > > } > > > > > > > > /** > > > > @@ -5713,5 +5718,5 @@ EcDsaVerify ( > > > > IN UINTN SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, > > MessageHash, > > > > HashSize, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, > > MessageHash, > > > > HashSize, Signature, SigSize), FALSE, 15); > > > > } > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > > index dc7527bb01..fe9cdc0d4d 100644 > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > > @@ -49,7 +49,6 @@ DxeCryptLibConstructor ( > > > > ) > > > > { > > > > EFI_STATUS Status; > > > > - UINTN Version; > > > > > > > > Status = gBS->LocateProtocol ( > > > > &gEdkiiCryptoProtocolGuid, > > > > @@ -65,13 +64,5 @@ DxeCryptLibConstructor ( > > > > return EFI_NOT_FOUND; > > > > } > > > > > > > > - Version = mCryptoProtocol->GetVersion (); > > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > > - DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol > unsupported > > > > version %d\n", Version)); > > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > > - mCryptoProtocol = NULL; > > > > - return EFI_NOT_FOUND; > > > > - } > > > > - > > > > return EFI_SUCCESS; > > > > } > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > > index 51f858302f..6ad1d3afe0 100644 > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > > @@ -30,7 +30,6 @@ GetCryptoServices ( > > > > { > > > > EFI_STATUS Status; > > > > EDKII_CRYPTO_PPI *CryptoPpi; > > > > - UINTN Version; > > > > > > > > CryptoPpi = NULL; > > > > Status = PeiServicesLocatePpi ( > > > > @@ -46,12 +45,5 @@ GetCryptoServices ( > > > > return NULL; > > > > } > > > > > > > > - Version = CryptoPpi->GetVersion (); > > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > > - DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported > > > > version %d\n", Version)); > > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > > - return NULL; > > > > - } > > > > - > > > > return (VOID *)CryptoPpi; > > > > } > > > > diff --git > a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > > index be0f44e63b..6c7c75c8a7 100644 > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > > @@ -52,7 +52,6 @@ SmmCryptLibConstructor ( > > > > ) > > > > { > > > > EFI_STATUS Status; > > > > - UINTN Version; > > > > > > > > Status = gSmst->SmmLocateProtocol ( > > > > &gEdkiiSmmCryptoProtocolGuid, > > > > @@ -67,13 +66,5 @@ SmmCryptLibConstructor ( > > > > return EFI_NOT_FOUND; > > > > } > > > > > > > > - Version = mSmmCryptoProtocol->GetVersion (); > > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > > - DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol > > > > unsupported version %d\n", Version)); > > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > > - mSmmCryptoProtocol = NULL; > > > > - return EFI_NOT_FOUND; > > > > - } > > > > - > > > > return EFI_SUCCESS; > > > > } > > > > -- > > > > 2.31.1.windows.1 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible 2023-01-06 15:19 ` Yao, Jiewen @ 2023-01-06 18:11 ` Li, Yi 0 siblings, 0 replies; 9+ messages in thread From: Li, Yi @ 2023-01-06 18:11 UTC (permalink / raw) To: Yao, Jiewen, devel@edk2.groups.io Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Kinney, Michael D [-- Attachment #1: Type: text/plain, Size: 98023 bytes --] Sorry, there may be a misunderstanding here, 'latest platform code' means 'EDK2 in latest platform code'. CyptoBin is not the only consideration, CyptoConsumer will statically link other EDK2 libraries, such as MemoryLib, PrintLib, which prefer to use the latest EDK2 code, because it may contain important bug fixes. Compatibility is not a big problem since most libraries use static linking. If Crypto Protocol can be backward compatible, the development of features will be more independent, and they can be directly developed based on the latest EDK2 without considering the platform code. Thanks, Yi -----Original Message----- From: Yao, Jiewen <jiewen.yao@intel.com> Sent: Friday, January 6, 2023 11:20 PM To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com> Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible > The developers of CryptoConsumer always build binary based on latest platform code. If so, how you guarantee the compatibility between CryptoConsumer and old other platform code? The saftest way is always to build CryptoConsumer with old platform, then replace it with the one in the old platform. > -----Original Message----- > From: Li, Yi1 <yi1.li@intel.com<mailto:yi1.li@intel.com>> > Sent: Friday, January 6, 2023 11:09 PM > To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; devel@edk2.groups.io<mailto:devel@edk2.groups.io> > Cc: Wang, Jian J <jian.j.wang@intel.com<mailto:jian.j.wang@intel.com>>; Lu, Xiaoyu1 > <xiaoyu1.lu@intel.com<mailto:xiaoyu1.lu@intel.com>>; Jiang, Guomin <guomin.jiang@intel.com<mailto:guomin.jiang@intel.com>>; Kinney, > Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>> > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > >However, I am still not sure why the CryptoConsumer need link a higher > version CryptoLib wrapper, if it wants to work with old CryptoBin. > > The developers of CryptoConsumer always build binary based on latest > platform code. > They prefer to keep the integrity of the platform code instead of changing the > CryptoLib wrapper. > > The result is that there will be two binaries on the old platform and the new > platform. > > Thanks, > Yi > > -----Original Message----- > From: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>> > Sent: Friday, January 6, 2023 8:14 PM > To: devel@edk2.groups.io<mailto:devel@edk2.groups.io>; Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; Li, Yi1 > <yi1.li@intel.com<mailto:yi1.li@intel.com>> > Cc: Wang, Jian J <jian.j.wang@intel.com<mailto:jian.j.wang@intel.com>>; Lu, Xiaoyu1 > <xiaoyu1.lu@intel.com<mailto:xiaoyu1.lu@intel.com>>; Jiang, Guomin <guomin.jiang@intel.com<mailto:guomin.jiang@intel.com>>; Kinney, > Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>> > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > backward compatible > > Hi Yi > I believe I have some misunderstanding, after I read the definition again. > According to > https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol > /Crypto.h#L24, the version means "The version of the EDK II Crypto > Protocol." > It is not the version of the implementation. As such, my comment on bug fix > does not stand. I am sorry to bring the confusing. > With that, I don't have a super strong reason to reject, so far. > > However, I am still not sure why the CryptoConsumer need link a higher > version CryptoLib wrapper, if it wants to work with old CryptoBin. > > Thank you > Yao, Jiewen > > > > > -----Original Message----- > > From: devel@edk2.groups.io<mailto:devel@edk2.groups.io> <devel@edk2.groups.io<mailto:devel@edk2.groups.io>> On Behalf Of Yao, > > Jiewen > > Sent: Friday, January 6, 2023 7:21 PM > > To: Li, Yi1 <yi1.li@intel.com<mailto:yi1.li@intel.com>>; devel@edk2.groups.io<mailto:devel@edk2.groups.io> > > Cc: Wang, Jian J <jian.j.wang@intel.com<mailto:jian.j.wang@intel.com>>; Lu, Xiaoyu1 > > <xiaoyu1.lu@intel.com<mailto:xiaoyu1.lu@intel.com>>; Jiang, Guomin <guomin.jiang@intel.com<mailto:guomin.jiang@intel.com>>; Kinney, > > Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>> > > Subject: Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > backward compatible > > > > Perhaps we can ask developers to update the minimum version of > CyptoAPI > > after bug or security fixes. > > > > [Jiewen] First, this is a new requirement. Hard to enforce. > > Second, if you do this, then you *may* need update the CryptoBin, if > > CryptoConsumer is updated. > > Third, it is hard to determine *when* to upgrade the MinVersion, > especially > > when a bug fix is in the dependency module. For example, the code in > > CryptoPkg does not update, but the MdePkg update, which may cause the > > CryptoBin update. Should we update MinVersion? It will bring a burden to > > the one who maintains the MinVersion. > > > > I believe it will create more potential compatibility problem. > > > > > > One more question: > > If you want to update CryptoConsumer, but keep CryptoBin. Why you want > > to link a higher version of CryptoLib wrapper? Why not use the old version > > CryptoLib wrapper? > > > > Thank you > > Yao, Jiewen > > > > > -----Original Message----- > > > From: Li, Yi1 <yi1.li@intel.com<mailto:yi1.li@intel.com>> > > > Sent: Friday, January 6, 2023 7:07 PM > > > To: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; devel@edk2.groups.io<mailto:devel@edk2.groups.io> > > > Cc: Wang, Jian J <jian.j.wang@intel.com<mailto:jian.j.wang@intel.com>>; Lu, Xiaoyu1 > > > <xiaoyu1.lu@intel.com<mailto:xiaoyu1.lu@intel.com>>; Jiang, Guomin <guomin.jiang@intel.com<mailto:guomin.jiang@intel.com>>; > Kinney, > > > Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>> > > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service > API > > > backward compatible > > > > > > Hi Jiewen, > > > > > > Thanks for feedback. > > > > > > >If you can upgrade the CryptoConsumer, why not upgrade the CryptoBin > > at > > > the same time? > > > > > > 1. CryptoConsumer and CryptoBin are usually delivered by different > people. > > > For example, some features that require CryptoBin are responsible for by > > an > > > independent team, but Cyptobin is responsible for the platform as part of > > > the platform firmware. > > > > > > 2. In the actual development process, the update of CryptoBin is often > > > difficult due to reasons such as binary size or freeze of platform code, > > > especially on older platforms, which will cause the feature development > > > team to have to maintain multiple feature versions based on different > EDK2 > > > CyptoPkg. > > > > > > > But it is NOT TRUE, if you care the implementation of API. Maybe the > > higher > > > version of an API fixed some bug, or add some new features. > > > > > > Perhaps we can ask developers to update the minimum version of > > CyptoAPI > > > after bug or security fixes. > > > > > > Thanks, > > > Yi > > > > > > -----Original Message----- > > > From: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>> > > > Sent: Friday, January 6, 2023 6:06 PM > > > To: Li, Yi1 <yi1.li@intel.com<mailto:yi1.li@intel.com>>; devel@edk2.groups.io<mailto:devel@edk2.groups.io> > > > Cc: Wang, Jian J <jian.j.wang@intel.com<mailto:jian.j.wang@intel.com>>; Lu, Xiaoyu1 > > > <xiaoyu1.lu@intel.com<mailto:xiaoyu1.lu@intel.com>>; Jiang, Guomin <guomin.jiang@intel.com<mailto:guomin.jiang@intel.com>>; > Kinney, > > > Michael D <michael.d.kinney@intel.com<mailto:michael.d.kinney@intel.com>> > > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service > API > > > backward compatible > > > > > > Thanks Yi. > > > You raised a very interesting question. > > > > > > + Mike Kinney, to comment from the requirement perspective. > > > > > > The original design is very simple: CryptoBin.Version >= > > > CryptoConsumer.Version. > > > > > > Now you want to handle the case that: CryptoConsumer.Version > > > > CryptoBin.Version, but the CryptoConsumer.Api is already present in > > > CryptoBin.Api. > > > To me, the hidden assumption is that: As long as an API is present, it will > be > > > used. The version of the API is not cared. > > > > > > This is only TRUE, if you only care the API is present or absent. > > > But it is NOT TRUE, if you care the implementation of API. Maybe the > higher > > > version of an API fixed some bug, or add some new features. > > > > > > I believe this is very dangerous downgrade. I don't recommend we do it. > > > Mike, what do you think? > > > > > > Question to Yi: If you can upgrade the CryptoConsumer, why not upgrade > > the > > > CryptoBin at the same time? > > > > > > Thank you > > > Yao, Jiewen > > > > > > > -----Original Message----- > > > > From: Li, Yi1 <yi1.li@intel.com<mailto:yi1.li@intel.com>> > > > > Sent: Wednesday, January 4, 2023 10:03 AM > > > > To: devel@edk2.groups.io<mailto:devel@edk2.groups.io>; Li, Yi1 <yi1.li@intel.com<mailto:yi1.li@intel.com>> > > > > Cc: Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; Wang, Jian J > > > > <jian.j.wang@intel.com<mailto:jian.j.wang@intel.com>>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com<mailto:xiaoyu1.lu@intel.com>>; Jiang, > > > > Guomin <guomin.jiang@intel.com<mailto:guomin.jiang@intel.com>> > > > > Subject: RE: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service > > API > > > > backward compatible > > > > > > > > Hi, any comments about this BZ and patch? > > > > Code link: https://github.com/tianocore/edk2/pull/3787 > > > > > > > > -----Original Message----- > > > > From: devel@edk2.groups.io<mailto:devel@edk2.groups.io> <devel@edk2.groups.io<mailto:devel@edk2.groups.io>> On Behalf Of Li, > Yi > > > > Sent: Monday, December 19, 2022 2:24 PM > > > > To: devel@edk2.groups.io<mailto:devel@edk2.groups.io> > > > > Cc: Li, Yi1 <yi1.li@intel.com<mailto:yi1.li@intel.com>>; Yao, Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>>; > Wang, > > > > Jian J <jian.j.wang@intel.com<mailto:jian.j.wang@intel.com>>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com<mailto:xiaoyu1.lu@intel.com>>; > > Jiang, > > > > Guomin <guomin.jiang@intel.com<mailto:guomin.jiang@intel.com>> > > > > Subject: [edk2-devel] [PATCH 1/1] CryptoPkg: Make Protocol Service API > > > > backward compatible > > > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4197 > > > > > > > > Using older Crypto protocol will be allowed. > > > > Each function wrapper will be annotated to require a minimum > required > > > > version of the crypto protocol and assert if called when the version is > > > > not compatible. > > > > Ths minimum version difined as the version when the API was > introduced. > > > > Details: > > > > ///Parallel hash: MinVersion 8 > > > > ParallelHash256HashAll, > > > > /// HMAC SHA256 (continued): MinVersion 9 > > > > HmacSha256All, > > > > /// HMAC SHA384: MinVersion 9 > > > > HmacSha384New, > > > > ... > > > > HmacSha384All, > > > > /// HKDF (continued): MinVersion 10 > > > > HkdfSha256Extract, > > > > ... > > > > HkdfSha384Expand, > > > > /// Aead Aes GCM: MinVersion 11 > > > > AeadAesGcmEncrypt, > > > > AeadAesGcmDecrypt, > > > > /// Big Numbers: MinVersion 12 > > > > BigNumInit, > > > > ... > > > > BigNumAddMod, > > > > /// EC: MinVersion 13 > > > > EcGroupInit, > > > > ... > > > > EcDhComputeKey, > > > > /// TLS (continued): MinVersion 14 > > > > TlsShutdown, > > > > ... > > > > TlsGetExportKey, > > > > /// Ec (Continued): MinVersion 15 > > > > EcGetPublicKeyFromX509, > > > > ... > > > > EcDsaVerify, > > > > /// X509 (Continued): MinVersion 16 > > > > X509GetVersion, > > > > ... > > > > X509GetExtendedBasicConstraints > > > > /// Others: MinVersion 7 > > > > > > > > Cc: Jiewen Yao <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com>> > > > > Cc: Jian J Wang <jian.j.wang@intel.com<mailto:jian.j.wang@intel.com>> > > > > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com<mailto:xiaoyu1.lu@intel.com>> > > > > Cc: Guomin Jiang <guomin.jiang@intel.com<mailto:guomin.jiang@intel.com>> > > > > Signed-off-by: Yi Li <yi1.li@intel.com<mailto:yi1.li@intel.com>> > > > > --- > > > > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 449 +++++++++--------- > > > > .../BaseCryptLibOnProtocolPpi/DxeCryptLib.c | 9 - > > > > .../BaseCryptLibOnProtocolPpi/PeiCryptLib.c | 8 - > > > > .../BaseCryptLibOnProtocolPpi/SmmCryptLib.c | 9 - > > > > 4 files changed, 227 insertions(+), 248 deletions(-) > > > > > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > > index 4e31bc278e..e470a0f0d4 100644 > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > > > > @@ -24,18 +24,20 @@ > > > > @param Args The argument list to pass to Function. > > > > @param ErrorReturnValue The value to return if the protocol is NULL > > or > > > > the > > > > service in the protocol is NULL. > > > > - > > > > -**/ > > > > -#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue) > \ > > > > - do { \ > > > > - EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > > - \ > > > > - CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > > \ > > > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > > > - return (CryptoServices->Function) Args; \ > > > > - } \ > > > > - CryptoServiceNotAvailable (#Function); \ > > > > - return ErrorReturnValue; \ > > > > + @param MinVersion The minimum protocol version that > supports > > > the > > > > API. > > > > + > > > > +**/ > > > > +#define CALL_CRYPTO_SERVICE(Function, Args, ErrorReturnValue, > > > > MinVersion) \ > > > > + do { \ > > > > + EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > > + \ > > > > + CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > > > \ > > > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && > > \ > > > > + CryptoServices->GetVersion () >= MinVersion) { \ > > > > + return (CryptoServices->Function) Args; \ > > > > + } \ > > > > + CryptoServiceNotAvailable (#Function); \ > > > > + return ErrorReturnValue; \ > > > > } while (FALSE); > > > > > > > > /** > > > > @@ -45,14 +47,16 @@ > > > > > > > > @param Function Name of the EDK II Crypto Protocol service to > > call. > > > > @param Args The argument list to pass to Function. > > > > + @param MinVersion The minimum protocol version that > supports > > > the > > > > API. > > > > > > > > **/ > > > > -#define CALL_VOID_CRYPTO_SERVICE(Function, Args) \ > > > > +#define CALL_VOID_CRYPTO_SERVICE(Function, Args, MinVersion) > > \ > > > > do { \ > > > > EDKII_CRYPTO_PROTOCOL *CryptoServices; \ > > > > \ > > > > CryptoServices = (EDKII_CRYPTO_PROTOCOL *)GetCryptoServices (); > \ > > > > - if (CryptoServices != NULL && CryptoServices->Function != NULL) { \ > > > > + if (CryptoServices != NULL && CryptoServices->Function != NULL && > \ > > > > + CryptoServices->GetVersion () >= MinVersion) { \ > > > > (CryptoServices->Function) Args; \ > > > > return; \ > > > > } \ > > > > @@ -116,7 +120,7 @@ Md5GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Md5GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -139,7 +143,7 @@ Md5Init ( > > > > OUT VOID *Md5Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5Init, (Md5Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -164,7 +168,7 @@ Md5Duplicate ( > > > > OUT VOID *NewMd5Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, > NewMd5Context), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5Duplicate, (Md5Context, > > NewMd5Context), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -195,7 +199,7 @@ Md5Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5Update, (Md5Context, Data, DataSize), > > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -227,7 +231,7 @@ Md5Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5Final, (Md5Context, HashValue), FALSE, > 7); > > > > } > > > > > > > > /** > > > > @@ -256,7 +260,7 @@ Md5HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > #endif > > > > @@ -278,7 +282,7 @@ Sha1GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sha1GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -301,7 +305,7 @@ Sha1Init ( > > > > OUT VOID *Sha1Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1Init, (Sha1Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -326,7 +330,7 @@ Sha1Duplicate ( > > > > OUT VOID *NewSha1Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, > > NewSha1Context), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1Duplicate, (Sha1Context, > > NewSha1Context), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -357,7 +361,7 @@ Sha1Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1Update, (Sha1Context, Data, DataSize), > > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -389,7 +393,7 @@ Sha1Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1Final, (Sha1Context, HashValue), FALSE, > > 7); > > > > } > > > > > > > > /** > > > > @@ -418,7 +422,7 @@ Sha1HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > #endif > > > > @@ -435,7 +439,7 @@ Sha256GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sha256GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -456,7 +460,7 @@ Sha256Init ( > > > > OUT VOID *Sha256Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256Init, (Sha256Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -481,7 +485,7 @@ Sha256Duplicate ( > > > > OUT VOID *NewSha256Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > > > NewSha256Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256Duplicate, (Sha256Context, > > > > NewSha256Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -510,7 +514,7 @@ Sha256Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, > > DataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256Update, (Sha256Context, Data, > > DataSize), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -540,7 +544,7 @@ Sha256Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256Final, (Sha256Context, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -569,7 +573,7 @@ Sha256HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha256HashAll, (Data, DataSize, HashValue), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -584,7 +588,7 @@ Sha384GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sha384GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -605,7 +609,7 @@ Sha384Init ( > > > > OUT VOID *Sha384Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384Init, (Sha384Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -630,7 +634,7 @@ Sha384Duplicate ( > > > > OUT VOID *NewSha384Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > > > NewSha384Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384Duplicate, (Sha384Context, > > > > NewSha384Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -659,7 +663,7 @@ Sha384Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, > > DataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384Update, (Sha384Context, Data, > > DataSize), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -689,7 +693,7 @@ Sha384Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384Final, (Sha384Context, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -718,7 +722,7 @@ Sha384HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha384HashAll, (Data, DataSize, HashValue), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -733,7 +737,7 @@ Sha512GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sha512GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -754,7 +758,7 @@ Sha512Init ( > > > > OUT VOID *Sha512Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512Init, (Sha512Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -779,7 +783,7 @@ Sha512Duplicate ( > > > > OUT VOID *NewSha512Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > > > NewSha512Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512Duplicate, (Sha512Context, > > > > NewSha512Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -808,7 +812,7 @@ Sha512Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, > > DataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512Update, (Sha512Context, Data, > > DataSize), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -838,7 +842,7 @@ Sha512Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512Final, (Sha512Context, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -867,7 +871,7 @@ Sha512HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -899,7 +903,7 @@ ParallelHash256HashAll ( > > > > IN UINTN CustomByteLen > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, > > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, > InputByteLen, > > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), > FALSE, > > > 8); > > > > } > > > > > > > > /** > > > > @@ -914,7 +918,7 @@ Sm3GetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (Sm3GetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -935,7 +939,7 @@ Sm3Init ( > > > > OUT VOID *Sm3Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3Init, (Sm3Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -960,7 +964,7 @@ Sm3Duplicate ( > > > > OUT VOID *NewSm3Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, > NewSm3Context), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3Duplicate, (Sm3Context, > NewSm3Context), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -989,7 +993,7 @@ Sm3Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3Update, (Sm3Context, Data, DataSize), > > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -1019,7 +1023,7 @@ Sm3Final ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3Final, (Sm3Context, HashValue), FALSE, > 7); > > > > } > > > > > > > > /** > > > > @@ -1048,7 +1052,7 @@ Sm3HashAll ( > > > > OUT UINT8 *HashValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Sm3HashAll, (Data, DataSize, HashValue), > > FALSE, > > > > 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -1068,7 +1072,7 @@ HmacSha256New ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL); > > > > + CALL_CRYPTO_SERVICE (HmacSha256New, (), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -1083,7 +1087,7 @@ HmacSha256Free ( > > > > IN VOID *HmacSha256Ctx > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx)); > > > > + CALL_VOID_CRYPTO_SERVICE (HmacSha256Free, (HmacSha256Ctx), > 7); > > > > } > > > > > > > > /** > > > > @@ -1110,7 +1114,7 @@ HmacSha256SetKey ( > > > > IN UINTN KeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, > Key, > > > > KeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256SetKey, (HmacSha256Context, > Key, > > > > KeySize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1135,7 +1139,7 @@ HmacSha256Duplicate ( > > > > OUT VOID *NewHmacSha256Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > > > NewHmacSha256Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256Duplicate, (HmacSha256Context, > > > > NewHmacSha256Context), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1166,7 +1170,7 @@ HmacSha256Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, > > Data, > > > > DataSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256Update, (HmacSha256Context, > > > Data, > > > > DataSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1198,7 +1202,7 @@ HmacSha256Final ( > > > > OUT UINT8 *HmacValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > > > HmacValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, > > > > HmacValue), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1231,7 +1235,7 @@ HmacSha256All ( > > > > OUT UINT8 *HmacValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > > > HmacValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > > > > HmacValue), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1247,7 +1251,7 @@ HmacSha384New ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); > > > > + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL, 9); > > > > } > > > > > > > > /** > > > > @@ -1262,7 +1266,7 @@ HmacSha384Free ( > > > > IN VOID *HmacSha384Ctx > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); > > > > + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx), > 9); > > > > } > > > > > > > > /** > > > > @@ -1289,7 +1293,7 @@ HmacSha384SetKey ( > > > > IN UINTN KeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, > Key, > > > > KeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, > Key, > > > > KeySize), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1314,7 +1318,7 @@ HmacSha384Duplicate ( > > > > OUT VOID *NewHmacSha384Context > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > > > NewHmacSha384Context), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > > > > NewHmacSha384Context), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1345,7 +1349,7 @@ HmacSha384Update ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, > > Data, > > > > DataSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, > > > Data, > > > > DataSize), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1377,7 +1381,7 @@ HmacSha384Final ( > > > > OUT UINT8 *HmacValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > > > HmacValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > > > > HmacValue), FALSE, 9); > > > > } > > > > > > > > /** > > > > @@ -1410,7 +1414,7 @@ HmacSha384All ( > > > > OUT UINT8 *HmacValue > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > > > HmacValue), FALSE); > > > > + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > > > > HmacValue), FALSE, 9); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -1432,7 +1436,7 @@ AesGetContextSize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0); > > > > + CALL_CRYPTO_SERVICE (AesGetContextSize, (), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -1465,7 +1469,7 @@ AesInit ( > > > > IN UINTN KeyLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE, > > 7); > > > > } > > > > > > > > /** > > > > @@ -1507,7 +1511,7 @@ AesCbcEncrypt ( > > > > OUT UINT8 *Output > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > > > Ivec, > > > > Output), FALSE); > > > > + CALL_CRYPTO_SERVICE (AesCbcEncrypt, (AesContext, Input, InputSize, > > > Ivec, > > > > Output), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1549,7 +1553,7 @@ AesCbcDecrypt ( > > > > OUT UINT8 *Output > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, > > > Ivec, > > > > Output), FALSE); > > > > + CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, > InputSize, > > > > Ivec, Output), FALSE, 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -1597,7 +1601,7 @@ AeadAesGcmEncrypt ( > > > > OUT UINTN *DataOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > > > DataOutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (AeadAesGcmEncrypt, (Key, KeySize, Iv, IvSize, > > > > AData, ADataSize, DataIn, DataInSize, TagOut, TagSize, DataOut, > > > > DataOutSize), FALSE, 11); > > > > } > > > > > > > > /** > > > > @@ -1642,7 +1646,7 @@ AeadAesGcmDecrypt ( > > > > OUT UINTN *DataOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, > > DataOutSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (AeadAesGcmDecrypt, (Key, KeySize, Iv, IvSize, > > > > AData, ADataSize, DataIn, DataInSize, Tag, TagSize, DataOut, > > DataOutSize), > > > > FALSE, 11); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -1662,7 +1666,7 @@ RsaNew ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaNew, (), NULL); > > > > + CALL_CRYPTO_SERVICE (RsaNew, (), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -1679,7 +1683,7 @@ RsaFree ( > > > > IN VOID *RsaContext > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext)); > > > > + CALL_VOID_CRYPTO_SERVICE (RsaFree, (RsaContext), 7); > > > > } > > > > > > > > /** > > > > @@ -1713,7 +1717,7 @@ RsaSetKey ( > > > > IN UINTN BnSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > > > BnSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaSetKey, (RsaContext, KeyTag, BigNumber, > > > > BnSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1753,7 +1757,7 @@ RsaGetKey ( > > > > IN OUT UINTN *BnSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > > > BnSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaGetKey, (RsaContext, KeyTag, BigNumber, > > > > BnSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1788,7 +1792,7 @@ RsaGenerateKey ( > > > > IN UINTN PublicExponentSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, > ModulusLength, > > > > PublicExponent, PublicExponentSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaGenerateKey, (RsaContext, > ModulusLength, > > > > PublicExponent, PublicExponentSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1818,7 +1822,7 @@ RsaCheckKey ( > > > > IN VOID *RsaContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaCheckKey, (RsaContext), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1858,7 +1862,7 @@ RsaPkcs1Sign ( > > > > IN OUT UINTN *SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > > > HashSize, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaPkcs1Sign, (RsaContext, MessageHash, > > > > HashSize, Signature, SigSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1890,7 +1894,7 @@ RsaPkcs1Verify ( > > > > IN UINTN SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > > > HashSize, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaPkcs1Verify, (RsaContext, MessageHash, > > > > HashSize, Signature, SigSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1923,7 +1927,7 @@ RsaPssVerify ( > > > > IN UINT16 SaltLen > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > > > Signature, SigSize, DigestLen, SaltLen), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaPssVerify, (RsaContext, Message, MsgSize, > > > > Signature, SigSize, DigestLen, SaltLen), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1968,7 +1972,7 @@ RsaPssSign ( > > > > IN OUT UINTN *SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > > > DigestLen, SaltLen, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaPssSign, (RsaContext, Message, MsgSize, > > > > DigestLen, SaltLen, Signature, SigSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -1999,7 +2003,7 @@ RsaGetPrivateKeyFromPem ( > > > > OUT VOID **RsaContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, > > PemSize, > > > > Password, RsaContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaGetPrivateKeyFromPem, (PemData, > > PemSize, > > > > Password, RsaContext), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2028,7 +2032,7 @@ RsaGetPublicKeyFromX509 ( > > > > OUT VOID **RsaContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > > > RsaContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (RsaGetPublicKeyFromX509, (Cert, CertSize, > > > > RsaContext), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2059,7 +2063,7 @@ X509GetSubjectName ( > > > > IN OUT UINTN *SubjectSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > > > CertSubject, > > > > SubjectSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetSubjectName, (Cert, CertSize, > > > CertSubject, > > > > SubjectSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2097,7 +2101,7 @@ X509GetCommonName ( > > > > IN OUT UINTN *CommonNameSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > > > CommonName, CommonNameSize), RETURN_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (X509GetCommonName, (Cert, CertSize, > > > > CommonName, CommonNameSize), RETURN_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -2135,7 +2139,7 @@ X509GetOrganizationName ( > > > > IN OUT UINTN *NameBufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (X509GetOrganizationName, (Cert, CertSize, > > > > NameBuffer, NameBufferSize), RETURN_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -2165,7 +2169,7 @@ X509VerifyCert ( > > > > IN UINTN CACertSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > > > CACertSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509VerifyCert, (Cert, CertSize, CACert, > > > > CACertSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2192,7 +2196,7 @@ X509ConstructCertificate ( > > > > OUT UINT8 **SingleX509Cert > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > > > SingleX509Cert), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509ConstructCertificate, (Cert, CertSize, > > > > SingleX509Cert), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2256,7 +2260,7 @@ X509ConstructCertificateStackV ( > > > > IN VA_LIST Args > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > > > Args), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (X509ConstructCertificateStackV, (X509Stack, > > > Args), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2273,7 +2277,7 @@ X509Free ( > > > > IN VOID *X509Cert > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert)); > > > > + CALL_VOID_CRYPTO_SERVICE (X509Free, (X509Cert), 7); > > > > } > > > > > > > > /** > > > > @@ -2290,7 +2294,7 @@ X509StackFree ( > > > > IN VOID *X509Stack > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack)); > > > > + CALL_VOID_CRYPTO_SERVICE (X509StackFree, (X509Stack), 7); > > > > } > > > > > > > > /** > > > > @@ -2319,7 +2323,7 @@ X509GetTBSCert ( > > > > OUT UINTN *TBSCertSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > > > TBSCertSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, > > > > TBSCertSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2346,7 +2350,7 @@ X509GetVersion ( > > > > OUT UINTN *Version > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), > > FALSE, > > > > 16); > > > > } > > > > > > > > /** > > > > @@ -2381,7 +2385,7 @@ X509GetSerialNumber ( > > > > IN OUT UINTN *SerialNumberSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > > > SerialNumber, SerialNumberSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, > > > > SerialNumber, SerialNumberSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2412,7 +2416,7 @@ X509GetIssuerName ( > > > > IN OUT UINTN *CertIssuerSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, > CertIssuer, > > > > CertIssuerSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, > > CertIssuer, > > > > CertIssuerSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2442,7 +2446,7 @@ X509GetSignatureAlgorithm ( > > > > IN OUT UINTN *OidSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, > > Oid, > > > > OidSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, > > Oid, > > > > OidSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2476,7 +2480,7 @@ X509GetExtensionData ( > > > > IN OUT UINTN *ExtensionDataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > > > OidSize, ExtensionData, ExtensionDataSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, > > > > OidSize, ExtensionData, ExtensionDataSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2505,7 +2509,7 @@ X509GetExtendedKeyUsage ( > > > > IN OUT UINTN *UsageSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > > > Usage, > > > > UsageSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, > > > Usage, > > > > UsageSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2540,7 +2544,7 @@ X509GetValidity ( > > > > IN OUT UINTN *ToSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, > > FromSize, > > > > To, ToSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, > > FromSize, > > > > To, ToSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2574,7 +2578,7 @@ X509FormatDateTime ( > > > > IN OUT UINTN *DateTimeSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, > DateTime, > > > > DateTimeSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509FormatDateTime, (DateTimeStr, > DateTime, > > > > DateTimeSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2600,7 +2604,7 @@ X509CompareDateTime ( > > > > IN CONST VOID *DateTime2 > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > > > DateTime2), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, > > > DateTime2), > > > > FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2622,7 +2626,7 @@ X509GetKeyUsage ( > > > > OUT UINTN *Usage > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), > > FALSE, > > > > 16); > > > > } > > > > > > > > /** > > > > @@ -2650,7 +2654,7 @@ X509VerifyCertChain ( > > > > IN UINTN CertChainLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, > > RootCertLength, > > > > CertChain, CertChainLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, > > RootCertLength, > > > > CertChain, CertChainLength), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2681,7 +2685,7 @@ X509GetCertFromCertChain ( > > > > OUT UINTN *CertLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > > > CertChainLength, CertIndex, Cert, CertLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, > > > > CertChainLength, CertIndex, Cert, CertLength), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2704,7 +2708,7 @@ Asn1GetTag ( > > > > IN UINT32 Tag > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE); > > > > + CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE, > 16); > > > > } > > > > > > > > /** > > > > @@ -2734,7 +2738,7 @@ X509GetExtendedBasicConstraints ( > > > > UINTN *BasicConstraintsSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > > > CertSize, > > > > BasicConstraints, BasicConstraintsSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, > > > CertSize, > > > > BasicConstraints, BasicConstraintsSize), FALSE, 16); > > > > } > > > > > > > > /** > > > > @@ -2777,7 +2781,7 @@ Pkcs5HashPassword ( > > > > OUT UINT8 *OutKey > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > > > Password, > > > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs5HashPassword, (PasswordLength, > > > Password, > > > > SaltLength, Salt, IterationCount, DigestSize, KeyLength, OutKey), FALSE, > 7); > > > > } > > > > > > > > /** > > > > @@ -2822,7 +2826,7 @@ Pkcs1v2Encrypt ( > > > > OUT UINTN *EncryptedDataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, > > InData, > > > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, > > > InData, > > > > InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), > > > > FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2862,7 +2866,7 @@ Pkcs7GetSigners ( > > > > OUT UINTN *CertLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, > CertStack, > > > > StackLength, TrustedCert, CertLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7GetSigners, (P7Data, P7Length, > CertStack, > > > > StackLength, TrustedCert, CertLength), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2879,7 +2883,7 @@ Pkcs7FreeSigners ( > > > > IN UINT8 *Certs > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs)); > > > > + CALL_VOID_CRYPTO_SERVICE (Pkcs7FreeSigners, (Certs), 7); > > > > } > > > > > > > > /** > > > > @@ -2915,7 +2919,7 @@ Pkcs7GetCertificatesList ( > > > > OUT UINTN *UnchainLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7GetCertificatesList, (P7Data, P7Length, > > > > SignerChainCerts, ChainLength, UnchainCerts, UnchainLength), FALSE, > 7); > > > > } > > > > > > > > /** > > > > @@ -2959,7 +2963,7 @@ Pkcs7Sign ( > > > > OUT UINTN *SignedDataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > > > SignedDataSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7Sign, (PrivateKey, PrivateKeySize, > > > > KeyPassword, InData, InDataSize, SignCert, OtherCerts, SignedData, > > > > SignedDataSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -2995,7 +2999,7 @@ Pkcs7Verify ( > > > > IN UINTN DataLength > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > > > CertLength, InData, DataLength), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7Verify, (P7Data, P7Length, TrustedCert, > > > > CertLength, InData, DataLength), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3040,7 +3044,7 @@ VerifyEKUsInPkcs7Signature ( > > > > IN BOOLEAN RequireAllPresent > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, > > > > SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), > > FALSE, > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -3072,7 +3076,7 @@ Pkcs7GetAttachedContent ( > > > > OUT UINTN *ContentSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, P7Length, > > > > Content, ContentSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (Pkcs7GetAttachedContent, (P7Data, > P7Length, > > > > Content, ContentSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3110,7 +3114,7 @@ AuthenticodeVerify ( > > > > IN UINTN HashSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > > > TrustedCert, CertSize, ImageHash, HashSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (AuthenticodeVerify, (AuthData, DataSize, > > > > TrustedCert, CertSize, ImageHash, HashSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3143,7 +3147,7 @@ ImageTimestampVerify ( > > > > OUT EFI_TIME *SigningTime > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > > > TsaCert, CertSize, SigningTime), FALSE); > > > > + CALL_CRYPTO_SERVICE (ImageTimestampVerify, (AuthData, DataSize, > > > > TsaCert, CertSize, SigningTime), FALSE, 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -3164,7 +3168,7 @@ DhNew ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhNew, (), NULL); > > > > + CALL_CRYPTO_SERVICE (DhNew, (), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -3181,7 +3185,7 @@ DhFree ( > > > > IN VOID *DhContext > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext)); > > > > + CALL_VOID_CRYPTO_SERVICE (DhFree, (DhContext), 7); > > > > } > > > > > > > > /** > > > > @@ -3217,7 +3221,7 @@ DhGenerateParameter ( > > > > OUT UINT8 *Prime > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, > Generator, > > > > PrimeLength, Prime), FALSE); > > > > + CALL_CRYPTO_SERVICE (DhGenerateParameter, (DhContext, > Generator, > > > > PrimeLength, Prime), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3252,7 +3256,7 @@ DhSetParameter ( > > > > IN CONST UINT8 *Prime > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > > > PrimeLength, Prime), FALSE); > > > > + CALL_CRYPTO_SERVICE (DhSetParameter, (DhContext, Generator, > > > > PrimeLength, Prime), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3287,7 +3291,7 @@ DhGenerateKey ( > > > > IN OUT UINTN *PublicKeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > > > PublicKeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (DhGenerateKey, (DhContext, PublicKey, > > > > PublicKeySize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3326,7 +3330,7 @@ DhComputeKey ( > > > > IN OUT UINTN *KeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > > > PeerPublicKeySize, Key, KeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (DhComputeKey, (DhContext, PeerPublicKey, > > > > PeerPublicKeySize, Key, KeySize), FALSE, 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -3358,7 +3362,7 @@ RandomSeed ( > > > > IN UINTN SeedSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (RandomSeed, (Seed, SeedSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3382,7 +3386,7 @@ RandomBytes ( > > > > IN UINTN Size > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE); > > > > + CALL_CRYPTO_SERVICE (RandomBytes, (Output, Size), FALSE, 7); > > > > } > > > > > > > > // > > > > > > > > > > ================================================================ > > > > ===================== > > > > @@ -3418,7 +3422,7 @@ HkdfSha256ExtractAndExpand ( > > > > IN UINTN OutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > > > Salt, > > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha256ExtractAndExpand, (Key, KeySize, > > > Salt, > > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3446,7 +3450,7 @@ HkdfSha256Extract ( > > > > UINTN PrkOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, > SaltSize, > > > > PrkOut, PrkOutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha256Extract, (Key, KeySize, Salt, > SaltSize, > > > > PrkOut, PrkOutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3474,7 +3478,7 @@ HkdfSha256Expand ( > > > > IN UINTN OutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, > InfoSize, > > > > Out, OutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha256Expand, (Prk, PrkSize, Info, > > InfoSize, > > > > Out, OutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3506,7 +3510,7 @@ HkdfSha384ExtractAndExpand ( > > > > IN UINTN OutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > > > Salt, > > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha384ExtractAndExpand, (Key, KeySize, > > > Salt, > > > > SaltSize, Info, InfoSize, Out, OutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3534,7 +3538,7 @@ HkdfSha384Extract ( > > > > UINTN PrkOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, > SaltSize, > > > > PrkOut, PrkOutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha384Extract, (Key, KeySize, Salt, > SaltSize, > > > > PrkOut, PrkOutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3562,7 +3566,7 @@ HkdfSha384Expand ( > > > > IN UINTN OutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, > InfoSize, > > > > Out, OutSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (HkdfSha384Expand, (Prk, PrkSize, Info, > > InfoSize, > > > > Out, OutSize), FALSE, 10); > > > > } > > > > > > > > /** > > > > @@ -3582,7 +3586,7 @@ TlsInitialize ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE); > > > > + CALL_CRYPTO_SERVICE (TlsInitialize, (), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3597,7 +3601,7 @@ TlsCtxFree ( > > > > IN VOID *TlsCtx > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsCtxFree, (TlsCtx), 7); > > > > } > > > > > > > > /** > > > > @@ -3618,7 +3622,7 @@ TlsCtxNew ( > > > > IN UINT8 MinorVer > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL); > > > > + CALL_CRYPTO_SERVICE (TlsCtxNew, (MajorVer, MinorVer), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -3636,7 +3640,7 @@ TlsFree ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsFree, (Tls), 7); > > > > } > > > > > > > > /** > > > > @@ -3658,7 +3662,7 @@ TlsNew ( > > > > IN VOID *TlsCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL); > > > > + CALL_CRYPTO_SERVICE (TlsNew, (TlsCtx), NULL, 7); > > > > } > > > > > > > > /** > > > > @@ -3678,7 +3682,7 @@ TlsInHandshake ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE); > > > > + CALL_CRYPTO_SERVICE (TlsInHandshake, (Tls), FALSE, 7); > > > > } > > > > > > > > /** > > > > @@ -3717,7 +3721,7 @@ TlsDoHandshake ( > > > > IN OUT UINTN *BufferOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsDoHandshake, (Tls, BufferIn, BufferInSize, > > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3755,7 +3759,7 @@ TlsHandleAlert ( > > > > IN OUT UINTN *BufferOutSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsHandleAlert, (Tls, BufferIn, BufferInSize, > > > > BufferOut, BufferOutSize), EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3784,7 +3788,7 @@ TlsCloseNotify ( > > > > IN OUT UINTN *BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsCloseNotify, (Tls, Buffer, BufferSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3809,7 +3813,7 @@ TlsCtrlTrafficOut ( > > > > IN UINTN BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0); > > > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficOut, (Tls, Buffer, BufferSize), 0, > 7); > > > > } > > > > > > > > /** > > > > @@ -3834,7 +3838,7 @@ TlsCtrlTrafficIn ( > > > > IN UINTN BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0); > > > > + CALL_CRYPTO_SERVICE (TlsCtrlTrafficIn, (Tls, Buffer, BufferSize), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -3860,7 +3864,7 @@ TlsRead ( > > > > IN UINTN BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0); > > > > + CALL_CRYPTO_SERVICE (TlsRead, (Tls, Buffer, BufferSize), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -3886,7 +3890,7 @@ TlsWrite ( > > > > IN UINTN BufferSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0); > > > > + CALL_CRYPTO_SERVICE (TlsWrite, (Tls, Buffer, BufferSize), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -3908,7 +3912,7 @@ TlsShutdown ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsShutdown, (Tls), EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -3933,7 +3937,7 @@ TlsSetVersion ( > > > > IN UINT8 MinorVer > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetVersion, (Tls, MajorVer, MinorVer), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3956,7 +3960,7 @@ TlsSetConnectionEnd ( > > > > IN BOOLEAN IsServer > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetConnectionEnd, (Tls, IsServer), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -3985,7 +3989,7 @@ TlsSetCipherList ( > > > > IN UINTN CipherNum > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetCipherList, (Tls, CipherId, CipherNum), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4006,7 +4010,7 @@ TlsSetCompressionMethod ( > > > > IN UINT8 CompMethod > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetCompressionMethod, (CompMethod), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4025,7 +4029,7 @@ TlsSetVerify ( > > > > IN UINT32 VerifyMode > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsSetVerify, (Tls, VerifyMode), 7); > > > > } > > > > > > > > /** > > > > @@ -4048,7 +4052,7 @@ TlsSetVerifyHost ( > > > > IN CHAR8 *HostName > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetVerifyHost, (Tls, Flags, HostName), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4074,7 +4078,7 @@ TlsSetSessionId ( > > > > IN UINT16 SessionIdLen > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, SessionIdLen), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetSessionId, (Tls, SessionId, > SessionIdLen), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4102,7 +4106,7 @@ TlsSetCaCertificate ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetCaCertificate, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4130,7 +4134,7 @@ TlsSetHostPublicCert ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetHostPublicCert, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4160,7 +4164,7 @@ TlsSetHostPrivateKeyEx ( > > > > IN VOID *Password OPTIONAL > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > > > Password), EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKeyEx, (Tls, Data, DataSize, > > > > Password), EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -4187,7 +4191,7 @@ TlsSetHostPrivateKey ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetHostPrivateKey, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -4211,7 +4215,7 @@ TlsSetCertRevocationList ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetCertRevocationList, (Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4239,7 +4243,7 @@ TlsSetSignatureAlgoList ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -4264,7 +4268,7 @@ TlsSetEcCurve ( > > > > IN UINTN DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsSetSignatureAlgoList, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsSetEcCurve, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 14); > > > > } > > > > > > > > /** > > > > @@ -4286,7 +4290,7 @@ TlsGetVersion ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0); > > > > + CALL_CRYPTO_SERVICE (TlsGetVersion, (Tls), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -4308,7 +4312,7 @@ TlsGetConnectionEnd ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0); > > > > + CALL_CRYPTO_SERVICE (TlsGetConnectionEnd, (Tls), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -4332,7 +4336,7 @@ TlsGetCurrentCipher ( > > > > IN OUT UINT16 *CipherId > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCipher, (Tls, CipherId), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4358,7 +4362,7 @@ TlsGetCurrentCompressionId ( > > > > IN OUT UINT8 *CompressionId > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > > > CompressionId), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetCurrentCompressionId, (Tls, > > > > CompressionId), EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4380,7 +4384,7 @@ TlsGetVerify ( > > > > IN VOID *Tls > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0); > > > > + CALL_CRYPTO_SERVICE (TlsGetVerify, (Tls), 0, 7); > > > > } > > > > > > > > /** > > > > @@ -4406,7 +4410,7 @@ TlsGetSessionId ( > > > > IN OUT UINT16 *SessionIdLen > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, > SessionIdLen), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetSessionId, (Tls, SessionId, > SessionIdLen), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4427,7 +4431,7 @@ TlsGetClientRandom ( > > > > IN OUT UINT8 *ClientRandom > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, > > ClientRandom)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsGetClientRandom, (Tls, > > ClientRandom), > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -4448,7 +4452,7 @@ TlsGetServerRandom ( > > > > IN OUT UINT8 *ServerRandom > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > > > ServerRandom)); > > > > + CALL_VOID_CRYPTO_SERVICE (TlsGetServerRandom, (Tls, > > > ServerRandom), > > > > 7); > > > > } > > > > > > > > /** > > > > @@ -4472,7 +4476,7 @@ TlsGetKeyMaterial ( > > > > IN OUT UINT8 *KeyMaterial > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetKeyMaterial, (Tls, KeyMaterial), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4499,7 +4503,7 @@ TlsGetCaCertificate ( > > > > IN OUT UINTN *DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetCaCertificate, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4527,7 +4531,7 @@ TlsGetHostPublicCert ( > > > > IN OUT UINTN *DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetHostPublicCert, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4554,7 +4558,7 @@ TlsGetHostPrivateKey ( > > > > IN OUT UINTN *DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetHostPrivateKey, (Tls, Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4579,7 +4583,7 @@ TlsGetCertRevocationList ( > > > > IN OUT UINTN *DataSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > > > EFI_UNSUPPORTED); > > > > + CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), > > > > EFI_UNSUPPORTED, 7); > > > > } > > > > > > > > /** > > > > @@ -4615,7 +4619,8 @@ TlsGetExportKey ( > > > > TlsGetExportKey, > > > > (Tls, Label, Context, ContextLen, > > > > KeyBuffer, KeyBufferLen), > > > > - EFI_UNSUPPORTED > > > > + EFI_UNSUPPORTED, > > > > + 14 > > > > ); > > > > } > > > > > > > > @@ -4634,7 +4639,7 @@ BigNumInit ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -4652,7 +4657,7 @@ BigNumFromBin ( > > > > IN UINTN Len > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -4671,7 +4676,7 @@ BigNumToBin ( > > > > OUT UINT8 *Buf > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); > > > > + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1, 12); > > > > } > > > > > > > > /** > > > > @@ -4687,7 +4692,7 @@ BigNumFree ( > > > > IN BOOLEAN Clear > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); > > > > + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear), 12); > > > > } > > > > > > > > /** > > > > @@ -4710,7 +4715,7 @@ BigNumAdd ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4733,7 +4738,7 @@ BigNumSub ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4756,7 +4761,7 @@ BigNumMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4781,7 +4786,7 @@ BigNumExpMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), > > FALSE, > > > > 12); > > > > } > > > > > > > > /** > > > > @@ -4804,7 +4809,7 @@ BigNumInverseMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), > FALSE, > > > > 12); > > > > } > > > > > > > > /** > > > > @@ -4827,7 +4832,7 @@ BigNumDiv ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnB, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4852,7 +4857,7 @@ BigNumMulMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), > > FALSE, > > > > 12); > > > > } > > > > > > > > /** > > > > @@ -4872,7 +4877,7 @@ BigNumCmp ( > > > > IN CONST VOID *BnB > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); > > > > + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0, 12); > > > > } > > > > > > > > /** > > > > @@ -4888,7 +4893,7 @@ BigNumBits ( > > > > IN CONST VOID *Bn > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); > > > > + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0, 12); > > > > } > > > > > > > > /** > > > > @@ -4904,7 +4909,7 @@ BigNumBytes ( > > > > IN CONST VOID *Bn > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); > > > > + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0, 12); > > > > } > > > > > > > > /** > > > > @@ -4923,7 +4928,7 @@ BigNumIsWord ( > > > > IN UINTN Num > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4940,7 +4945,7 @@ BigNumIsOdd ( > > > > IN CONST VOID *Bn > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -4959,7 +4964,7 @@ BigNumCopy ( > > > > IN CONST VOID *BnSrc > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -4974,7 +4979,7 @@ BigNumValueOne ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -4997,7 +5002,7 @@ BigNumRShift ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, N, BnRes), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -5013,7 +5018,7 @@ BigNumConstTime ( > > > > IN VOID *Bn > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn)); > > > > + CALL_VOID_CRYPTO_SERVICE (BigNumConstTime, (Bn), 12); > > > > } > > > > > > > > /** > > > > @@ -5036,7 +5041,7 @@ BigNumSqrMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), FALSE, > > 12); > > > > } > > > > > > > > /** > > > > @@ -5052,7 +5057,7 @@ BigNumNewContext ( > > > > VOID > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); > > > > + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL, 12); > > > > } > > > > > > > > /** > > > > @@ -5066,7 +5071,7 @@ BigNumContextFree ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); > > > > + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx), 12); > > > > } > > > > > > > > /** > > > > @@ -5085,7 +5090,7 @@ BigNumSetUint ( > > > > IN UINTN Val > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), FALSE, 12); > > > > } > > > > > > > > /** > > > > @@ -5108,7 +5113,7 @@ BigNumAddMod ( > > > > OUT VOID *BnRes > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), > > > FALSE, > > > > 12); > > > > } > > > > > > > > /** > > > > @@ -5128,7 +5133,7 @@ EcGroupInit ( > > > > IN UINTN CryptoNid > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); > > > > + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL, 13); > > > > } > > > > > > > > /** > > > > @@ -5156,7 +5161,7 @@ EcGroupGetCurve ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, > > BnB, > > > > BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, > > BnB, > > > > BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5178,7 +5183,7 @@ EcGroupGetOrder ( > > > > OUT VOID *BnOrder > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), > FALSE, > > > 13); > > > > } > > > > > > > > /** > > > > @@ -5192,7 +5197,7 @@ EcGroupFree ( > > > > IN VOID *EcGroup > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); > > > > + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup), 13); > > > > } > > > > > > > > /** > > > > @@ -5210,7 +5215,7 @@ EcPointInit ( > > > > IN CONST VOID *EcGroup > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); > > > > + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL, 13); > > > > } > > > > > > > > /** > > > > @@ -5226,7 +5231,7 @@ EcPointDeInit ( > > > > IN BOOLEAN Clear > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); > > > > + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear), 13); > > > > } > > > > > > > > /** > > > > @@ -5254,7 +5259,7 @@ EcPointGetAffineCoordinates ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, > > EcPoint, > > > > BnX, BnY, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, > > EcPoint, > > > > BnX, BnY, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5279,7 +5284,7 @@ EcPointSetAffineCoordinates ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, > > EcPoint, > > > > BnX, BnY, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, > > EcPoint, > > > > BnX, BnY, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5305,7 +5310,7 @@ EcPointAdd ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, > EcPointA, > > > > EcPointB, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, > EcPointA, > > > > EcPointB, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5331,7 +5336,7 @@ EcPointMul ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > > > BnPScalar, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, > > > > BnPScalar, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5352,7 +5357,7 @@ EcPointInvert ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), > > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), > > FALSE, > > > > 13); > > > > } > > > > > > > > /** > > > > @@ -5373,7 +5378,7 @@ EcPointIsOnCurve ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), > > > > FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5392,7 +5397,7 @@ EcPointIsAtInfinity ( > > > > IN CONST VOID *EcPoint > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE, > > > 13); > > > > } > > > > > > > > /** > > > > @@ -5415,7 +5420,7 @@ EcPointEqual ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > > > BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, > > > > BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5445,7 +5450,7 @@ EcPointSetCompressedCoordinates ( > > > > IN VOID *BnCtx > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, > > > > EcPoint, BnX, YBit, BnCtx), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, > (EcGroup, > > > > EcPoint, BnX, YBit, BnCtx), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5462,7 +5467,7 @@ EcNewByNid ( > > > > IN UINTN Nid > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); > > > > + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL, 13); > > > > } > > > > > > > > /** > > > > @@ -5476,7 +5481,7 @@ EcFree ( > > > > IN VOID *EcContext > > > > ) > > > > { > > > > - CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); > > > > + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext), 13); > > > > } > > > > > > > > /** > > > > @@ -5513,7 +5518,7 @@ EcGenerateKey ( > > > > IN OUT UINTN *PublicKeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > > > PublicKeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, > > > > PublicKeySize), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5538,7 +5543,7 @@ EcGetPubKey ( > > > > IN OUT UINTN *PublicKeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > > > PublicKeySize), > > > > FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, > > > > PublicKeySize), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5577,7 +5582,7 @@ EcDhComputeKey ( > > > > IN OUT UINTN *KeySize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, > > > > PeerPublicSize, CompressFlag, Key, KeySize), FALSE, 13); > > > > } > > > > > > > > /** > > > > @@ -5604,7 +5609,7 @@ EcGetPublicKeyFromX509 ( > > > > OUT VOID **EcContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > > > EcContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGetPublicKeyFromX509, (Cert, CertSize, > > > > EcContext), FALSE, 15); > > > > } > > > > > > > > /** > > > > @@ -5633,7 +5638,7 @@ EcGetPrivateKeyFromPem ( > > > > OUT VOID **EcContext > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, > PemSize, > > > > Password, EcContext), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcGetPrivateKeyFromPem, (PemData, > PemSize, > > > > Password, EcContext), FALSE, 15); > > > > } > > > > > > > > /** > > > > @@ -5676,7 +5681,7 @@ EcDsaSign ( > > > > IN OUT UINTN *SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, > MessageHash, > > > > HashSize, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcDsaSign, (EcContext, HashNid, > MessageHash, > > > > HashSize, Signature, SigSize), FALSE, 15); > > > > } > > > > > > > > /** > > > > @@ -5713,5 +5718,5 @@ EcDsaVerify ( > > > > IN UINTN SigSize > > > > ) > > > > { > > > > - CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, > > MessageHash, > > > > HashSize, Signature, SigSize), FALSE); > > > > + CALL_CRYPTO_SERVICE (EcDsaVerify, (EcContext, HashNid, > > MessageHash, > > > > HashSize, Signature, SigSize), FALSE, 15); > > > > } > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > > index dc7527bb01..fe9cdc0d4d 100644 > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c > > > > @@ -49,7 +49,6 @@ DxeCryptLibConstructor ( > > > > ) > > > > { > > > > EFI_STATUS Status; > > > > - UINTN Version; > > > > > > > > Status = gBS->LocateProtocol ( > > > > &gEdkiiCryptoProtocolGuid, > > > > @@ -65,13 +64,5 @@ DxeCryptLibConstructor ( > > > > return EFI_NOT_FOUND; > > > > } > > > > > > > > - Version = mCryptoProtocol->GetVersion (); > > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > > - DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Crypto Protocol > unsupported > > > > version %d\n", Version)); > > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > > - mCryptoProtocol = NULL; > > > > - return EFI_NOT_FOUND; > > > > - } > > > > - > > > > return EFI_SUCCESS; > > > > } > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > > index 51f858302f..6ad1d3afe0 100644 > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c > > > > @@ -30,7 +30,6 @@ GetCryptoServices ( > > > > { > > > > EFI_STATUS Status; > > > > EDKII_CRYPTO_PPI *CryptoPpi; > > > > - UINTN Version; > > > > > > > > CryptoPpi = NULL; > > > > Status = PeiServicesLocatePpi ( > > > > @@ -46,12 +45,5 @@ GetCryptoServices ( > > > > return NULL; > > > > } > > > > > > > > - Version = CryptoPpi->GetVersion (); > > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > > - DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Crypto PPI unsupported > > > > version %d\n", Version)); > > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > > - return NULL; > > > > - } > > > > - > > > > return (VOID *)CryptoPpi; > > > > } > > > > diff --git > a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > > index be0f44e63b..6c7c75c8a7 100644 > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c > > > > @@ -52,7 +52,6 @@ SmmCryptLibConstructor ( > > > > ) > > > > { > > > > EFI_STATUS Status; > > > > - UINTN Version; > > > > > > > > Status = gSmst->SmmLocateProtocol ( > > > > &gEdkiiSmmCryptoProtocolGuid, > > > > @@ -67,13 +66,5 @@ SmmCryptLibConstructor ( > > > > return EFI_NOT_FOUND; > > > > } > > > > > > > > - Version = mSmmCryptoProtocol->GetVersion (); > > > > - if (Version < EDKII_CRYPTO_VERSION) { > > > > - DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Crypto SMM Protocol > > > > unsupported version %d\n", Version)); > > > > - ASSERT (Version >= EDKII_CRYPTO_VERSION); > > > > - mSmmCryptoProtocol = NULL; > > > > - return EFI_NOT_FOUND; > > > > - } > > > > - > > > > return EFI_SUCCESS; > > > > } > > > > -- > > > > 2.31.1.windows.1 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > [-- Attachment #2: Type: text/html, Size: 262616 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2023-01-06 18:11 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <cover.1671430636.git.yi1.li@intel.com>
2022-12-19 6:24 ` [PATCH 1/1] CryptoPkg: Make Protocol Service API backward compatible Li, Yi
[not found] ` <17321DB57D822CE7.23615@groups.io>
2023-01-04 2:03 ` [edk2-devel] " Li, Yi
2023-01-06 10:06 ` Yao, Jiewen
2023-01-06 11:06 ` Li, Yi
2023-01-06 11:21 ` Yao, Jiewen
[not found] ` <1737B458A2E4874C.7095@groups.io>
2023-01-06 12:13 ` Yao, Jiewen
2023-01-06 15:09 ` Li, Yi
2023-01-06 15:19 ` Yao, Jiewen
2023-01-06 18:11 ` Li, Yi
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox